Skip to content

build(deps): bump net.sf.jasperreports:jasperreports from 7.0.4 to 7.0.7 in /plugins/jasperreports7#1779

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/plugins/jasperreports7/net.sf.jasperreports-jasperreports-7.0.7
Open

build(deps): bump net.sf.jasperreports:jasperreports from 7.0.4 to 7.0.7 in /plugins/jasperreports7#1779
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/plugins/jasperreports7/net.sf.jasperreports-jasperreports-7.0.7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor

Bumps net.sf.jasperreports:jasperreports from 7.0.4 to 7.0.7.

Release notes

Sourced from net.sf.jasperreports:jasperreports's releases.

JasperReports 7.0.7

  • add deserialization class filter to fix the CVE-2026-6009 security vulnerability;

  • introduce URL whitelist filter for controlling repository resources access;

  • new keepTogether flag for crosstab row groups;

  • various fixes made to the PDF exporter to better support the PDF/UA (accessibility) and PDF/A (archiving) standards;

  • new OSGi and Spring Boot samples;

  • support for versioning in the Jackson JRXML writer;

  • various dependencies upgrades including: Spring 6.2.18, Jackson 2.18.6, Bouncy Castle 1.84, Jetty 12.0.35 and Apache Log4J 2.25.4;

  • minor bug fixes and improvements;

JasperReports 7.0.6

  • introducing an official JasperReports Maven Plugin for compiling, decompiling and updating report design files (groupId: net.sf.jasperreports, artifactId: jasperreports-maven-plugin);

  • improved performance of the Ant tasks for compiling, decompiling and updating report design files by implementing multi-threading support;

  • various dependencies upgrades including: Apache Commons Lang 3.20.0, Rhino 1.8.1, ICU4J 78.2 and Apache Log4J 2.25.3;

  • minor bug fixes and improvements;

JasperReports 7.0.5

  • support for proportional table column resize using negative weight values convention;

  • minor bug fixes and improvements;

Changelog

Sourced from net.sf.jasperreports:jasperreports's changelog.

JasperReports 7.0.7 (2026-05-30)

  • add deserialization class filter to fix the CVE-2026-6009 security vulnerability;

  • introduce URL whitelist filter for controlling repository resources access;

  • new keepTogether flag for crosstab row groups;

  • various fixes made to the PDF exporter to better support the PDF/UA (accessibility) and PDF/A (archiving) standards;

  • new OSGi and Spring Boot samples;

  • support for versioning in the Jackson JRXML writer;

  • various dependencies upgrades including: Spring 6.2.18, Jackson 2.18.6, Bouncy Castle 1.84, Jetty 12.0.35 and Apache Log4J 2.25.4;

  • minor bug fixes and improvements;

JasperReports 7.0.6 (2026-03-13)

  • introducing an official JasperReports Maven Plugin for compiling, decompiling and updating report design files (groupId: net.sf.jasperreports, artifactId: jasperreports-maven-plugin);

  • improved performance of the Ant tasks for compiling, decompiling and updating report design files by implementing multi-threading support;

  • various dependencies upgrades including: Apache Commons Lang 3.20.0, Rhino 1.8.1, ICU4J 78.2 and Apache Log4J 2.25.3;

  • minor bug fixes and improvements;

JasperReports 7.0.5 (2026-02-27)

  • support for proportional table column resize using negative weight values convention;

... (truncated)

Commits
  • 072738a eula and version update
  • 9e373de check file repository root for output stream
  • 0e2fb70 changes.txt update
  • 5b02656 check root folder in HTML resource handler
  • 9751ee0 check repository root on context resolve
  • 9ff7da8 version update
  • f90c29b Merge branch 'release-7.0.7-JSSEC-167' into 'release-7.0.7'
  • ea320a1 add whitelist classes for virtualized JasperPrint
  • d1945b4 maven plugin api upgrade
  • 728f395 build number plugin config
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [net.sf.jasperreports:jasperreports](https://github.com/Jaspersoft/jasperreports) from 7.0.4 to 7.0.7.
- [Release notes](https://github.com/Jaspersoft/jasperreports/releases)
- [Changelog](https://github.com/Jaspersoft/jasperreports/blob/master/changes.txt)
- [Commits](Jaspersoft/jasperreports@7.0.4...7.0.7)

---
updated-dependencies:
- dependency-name: net.sf.jasperreports:jasperreports
  dependency-version: 7.0.7
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants