Skip to content

Bump com.vaadin:vaadin-server from 7.6.8 to 7.7.50 #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump com.vaadin:vaadin-server from 7.6.8 to 7.7.50 #10

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jan 5, 2026

Bumps com.vaadin:vaadin-server from 7.6.8 to 7.7.50.

Release notes

Sourced from com.vaadin:vaadin-server's releases.

Vaadin Framework 7.7.50

The Vaadin Framework 7.7.50 is an extended-support release with the following changes:

  • Added sanitisation to Action captions unless HTML content mode is specified.
  • Added checks to prevent the same CSS strings from being injected into the styles multiple times.

Vaadin Framework 7.7.49

The Vaadin Framework 7.7.49 is an extended-support release with the following changes:

  • Made loading of scripts happen synchronously like in Vaadin 8
  • Added support for the usage of multiple @JavaScript and @StyleSheet annotations on a class
  • Bumped Atmosphere version to fix a potential NPE issue
  • Fixed internal Atmosphere version check to correctly detect MPR/Jakarta version of Push
  • Updated license checker invocations to be compatible with upstream technical licensing changes.

Vaadin Framework 7.7.48

The Vaadin Framework 7.7.48 is an extended-support release with the following changes:

  • Updated to Atmosphere 2.4.x, and consequently, Java 8. This bumps the minimum Java requirement from 7 to 8.
  • Added changes to make interrupting uploads more reliable, and block a possible security issue in the process.

Vaadin Framework 7.7.47

The Vaadin Framework 7.7.47 is an extended-support release with the following changes:

  • Fixed the text selection problems within Grid cells, so copying the contents of a single cell is possible
  • Added a Jakarta-compatible Push module
  • Fixed root module POM Source Code Management URLs to point to the correct repository

Vaadin Framework 7.7.46

The Vaadin Framework 7.7.46 is an extended-support release with the following changes:

  • Updated the Maven plugin to get rid of dependencies with known vulnerabilities

Note: Vaadin 7 projects require Java 8 when doing development builds, production mode builds will still work with Java 7. This is due to updates in the license checker, which internally is using Java 8

Vaadin Framework 7.7.45

The Vaadin Framework 7.7.45 is an extended-support release with the following changes:

  • Set no-store headers for error responses
  • ComboBox popup size and positioning take into account the menu element’s own padding in addition to the menu item’s
  • Internal changes, and a fix for a license checking issue

Vaadin Framework 7.7.44

The Vaadin Framework 7.7.44 is an extended-support release with the following changes:

  • Internal changes needed for future development
  • ComboBox popup position updates smoother when the page is scrolled

Vaadin Framework 7.7.43

The Vaadin Framework 7.7.43 is an extended-support release with the following changes:

... (truncated)

Changelog

Sourced from com.vaadin:vaadin-server's changelog.

Vaadin 7.7.50

  • Added sanitisation to Action captions unless HTML content mode is specified.
  • Added checks to prevent the same CSS strings from being injected into the styles multiple times.

Vaadin 7.7.49

  • Made loading of scripts happen synchronously like in Vaadin 8
  • Added support for the usage of multiple @JavaScript and @StyleSheet annotations on a class
  • Bumped Atmosphere version to fix a potential NPE issue
  • Fixed internal Atmosphere version check to correctly detect MPR/Jakarta version of Push
  • Updated license checker invocations to be compatible with upstream technical licensing changes.

Vaadin 7.7.48

  • Updated to Atmosphere 2.4.x, and consequently, Java 8. This bumps the minimum Java requirement from 7 to 8.
  • Added changes to make interrupting uploads more reliable, and block a possible security issue in the process.

Vaadin 7.7.47

  • Fixed the text selection problems within Grid cells, so copying the contents of a single cell is possible
  • Added a Jakarta-compatible Push module
  • Fixed root module POM Source Code Management URLs to point to the correct repository

Vaadin 7.7.46

  • Updated maven plugin with updated dependencies
  • Internal test fixes

Vaadin 7.7.45

  • Set no-store headers for error responses
  • ComboBox popup size and positioning take into account the menu element’s own padding in addition to the menu item’s
  • Internal changes, and a fix for a license checking issue

Vaadin 7.7.44

  • Internal changes needed for future development
  • ComboBox popup position updates smoother when the page is scrolled

Vaadin 7.7.43

  • Made ComboBox rendering faster by trying to avoid constant popup size recalculations
  • Backported Upload fixed from Vaadin 8, namely preventing upload if no file has been selected, and making sure the ChangeListener still works after the first upload.
  • Added things necessary for JavaDoc generation.
  • Updated the license checker, fixed tests, updated the copyright dates

Vaadin 7.7.42

  • Added read-only support to Grid. This allows disabling editing features in an otherwise editable Grid while still retaining scrolling. Use existing API method Grid.setReadOnly(true).

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump com.vaadin:vaadin-server from 7.6.8 to 7.7.50
179b5d2 
Bumps [com.vaadin:vaadin-server](https://github.com/vaadin/framework) from 7.6.8 to 7.7.50.
- [Release notes](https://github.com/vaadin/framework/releases)
- [Changelog](https://github.com/vaadin/framework/blob/master/CHANGELOG-VAADIN7.md)
- [Commits](vaadin/framework@7.6.8...7.7.50)

---
updated-dependencies:
- dependency-name: com.vaadin:vaadin-server
  dependency-version: 7.7.50
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jan 5, 2026
@dependabot dependabot bot mentioned this pull request Jan 5, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant