Sourced from com.unboundid:unboundid-ldapsdk's releases.

UnboundID LDAP SDK for Java 4.0.5

We have just released the UnboundID LDAP SDK for Java version 4.0.5, available for download from the LDAP.com website, from the releases page of our GitHub repository, from the Files page of our SourceForge project, and from the Maven Central Repository.

The most significant change in this release is the fix for a vulnerability described in CVE-2018-1000134. In an application that uses the LDAP SDK in synchronous mode, that uses the LDAP simple bind operation to authenticate users, that does not properly check to ensure that the user actually provided a password, and that sends its request to a directory server that does not follow the RFC 4513 section 5.1.2 recommendation to reject simple bind requests with a DN but no password, this bug could have allowed the application to mistakenly grant access to an attacker who identified themselves as a legitimate user but supplied an empty password. See CVE-2018-1000134 and the UnboundID LDAP SDK for Java for more information about this issue.

Other changes in the 4.0.5 release of the LDAP SDK include:

• Updated the command-line argument parser so that it will not assign a value from a properties file to an argument if that argument is part of an exclusive argument set and another argument in that set was provided on the command line.

• Fixed a manage-certificates bug in which the validity start time and validity duration values would be ignored when generating a self-signed certificate intended to replace an existing certificate. In that case, the tool would have always used the current time as the start time and a duration of one year.

• Updated the manage-certificates tool to change the primary name for the existing --replace-existing-certificate argument in the generate-certificate-signing-request subcommand to be --use-existing-key-pair, and updated the usage information to make it clearer that using this option will not cause the keystore to be updated. The former --replace-existing-certificate identifier can still be used and will behave in exactly the same way as before, so there is no change in functionality.

• Improved the usability of the ldap-debugger tool when using the --listenUsingSSL argument by ensuring that the --keyStorePath argument is also provided, along with one of the --keyStorePassword, --keyStorePasswordFile, and --promptForKeyStorePassword arguments.

• Fixed a number of cases in which there was a mismatch between the arguments provided to a message format string and the arguments expected by that format string. Unit tests have been added to help prevent this from recurring.

• Added a new PassphraseEncryptedOutputStream class that can be used to write encrypted data with a key generated from a provided passphrase. Also added a new PassphraseEncryptedInputStream class that can be used to read encrypted data written with the PassphraseEncryptedOutputStream when provided with the correct passphrase.

• Added new RateLimitedInputStream and RateLimitedOutputStream classes that can be used to impose a maximum rate (in bytes per second) at which data can be read from a wrapped input stream or written to a wrapped output stream.

• Added new CloseableLock and CloseableReadWriteLock classes that provide the same basic functionality as Java's ReentrantLock and ReentrantReadWriteLock classes, but that can also be used with Java's try-with-resources facility.

• Added a new FixedBarrier.await(int) method that can be used to request rate limiting for the specified number of occurrences, rather than just a single occurrence. This can be used to make it easier to impose rate limiting in instances where the event that you're limiting doesn't fit into the existing paradigm. For example, it could be used to implement a rate-limited output stream in which you want to be able to specify the number of bytes being written at a time, instead of requiring a separate await() call for each byte being written.

• Updated the ldapsearch, ldapmodify, split-ldif, transform-ldif, and validate-ldif tools to add support for encrypted LDIF files. The passphrase used to generate the encryption key can be provided interactively or read from a file.

• Added support for two new UnboundID/Ping-proprietary request controls that can help clients prevent inadvertently requesting unindexed searches. The reject unindexed search request control can be used to indicate that the server should reject a search request if it cannot be efficiently processed using server indexes, even if the requester has the unindexed-search privilege. The permit unindexed search request control can be used to indicate that the server should process the search request even if it is unindexed, as long as the requester has the unindexed-search-with-control privilege. The ldapsearch tool has also been updated allow these controls to be included in the search requests that it generates.

• Added support for a new UnboundID/Ping-proprietary request control that can be included in a search request to indicate that the client wishes to override an internal limit that might otherwise be in effect for that operation. The ldapsearch tool has been updated to allow this control to be included in the search requests that it generates.

• Updated the summarize-access-log tool to add support for encrypted log files. The passphrase used to generate the encryption key can be provided interactively or read from a file.

UnboundID LDAP SDK for Java 4.0.4

We have just released the UnboundID LDAP SDK for Java version 4.0.4, available for download from the LDAP.com website, from the releases page of our GitHub repository, from the Files page of our SourceForge project, and from the Maven Central Repository.

There are a few noteworthy changes included in this release. The release notes go into more detail, but the highlights of these changes include:

• We updated the way that the LDAP SDK generates exception messages to make them more user-friendly. They are now less likely to include stack traces, and they are less likely to include repeated information (like LDAP SDK build information, and information duplicated from an exception’s cause).
• We fixed an issue that could cause multiple application threads to block in the course of closing a connection pool.
• We updated the way that the LDAP SDK sends LDAP messages so that it is more resilient to stalls in the TLS negotiation process.
• We updated the LDAP SDK’s ServerSet implementations so that they can perform authentication and post-connect processing, which can make health checks against newly established connections more reliable.
• We updated the GetEntryLDAPConnectionPoolHealthCheck class to provide support for invoking the health check after a pooled connection has been authenticated.
• We fixed a bug in the GetEntryLDAPConnectionPoolHealthCheck class that could cause it to behave incorrectly when checking the validity of a connection after an LDAPException was caught.
• We updated the Attribute.hasValue method to be more efficient for attributes with multiple values, and especially for attributes with a lot of values or with more complicated matching rules. This will also improve the Filter.matchesEntry method for equality filters that target similar types of attributes.
• We updated the prompt trust manager to provide better output formatting, and to provide additional warnings about conditions that may make a server certificate chain less trustworthy.
• We updated the LDAPConnectionOptions class to adjust the initial default connect timeout and operation response timeout, and the default operation response timeout can now be set differently for each type of operation. Most of the default values for options in the LDAPConnectionOptions class can now be set via system properties.

UnboundID LDAP SDK for Java 4.0.3

The 4.0.3 release of the LDAP SDK contains a single bugfix over the 4.0.2 version. Just after releasing the 4.0.2 version, we found a bug in the way that the LDAP SDK generated and verified signatures for X.509 certificates and PKCS10 certificate signing requests. That has been corrected, and the 4.0.3 release is available for download from the LDAP.com website, from our GitHub repository, from the SourceForge project, or from the Maven Central Repository.

... (truncated)

Sourced from com.unboundid:unboundid-ldapsdk's changelog.

${TARGET="offline"} LDAP SDK Home Page ${TARGET="offline"} Product Information

 <h2>Release Notes</h2>
 &lt;h3&gt;Version 7.0.4&lt;/h3&gt;
 &amp;lt;p&amp;gt;
 The following changes were made between the 7.0.3 and 7.0.4 releases:
 &amp;lt;/p&amp;gt;
 &amp;lt;ul&amp;gt;
 &amp;lt;li&amp;gt;
 Updated the server set blacklist manager to improve debug logging in the event
 that servers are added to or removed from the blacklist. The round robin and
 fewest connections server sets can be configured to use this blacklist manager to
 temporarily avoid attempting to create connections to a server when health
 checking determines that it's not in an acceptably usable state.
 &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
 &amp;lt;/li&amp;gt;
 &amp;lt;li&amp;gt;
 Updated the PropertyManager class to make it possible to cache property values
 for faster access with less contention. Caching is disabled by default, but
 you can enable it by specifying a maximum cache duration. Additional methods
 are provided to clear the cache, and to populate the cache based on the
 currently defined system properties and environment variables.
 &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
 &amp;lt;/li&amp;gt;
 &amp;lt;li&amp;gt;
 Improved performance and reduced contention when retrieving environment variables
 from the JVM process.
 &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
 &amp;lt;/li&amp;gt;
 &amp;lt;/ul&amp;gt;
 &amp;lt;p&amp;gt;&amp;lt;/p&amp;gt;
 &amp;lt;h3&amp;gt;Version 7.0.3&amp;lt;/h3&amp;gt;
 &amp;lt;p&amp;gt;
 The following changes were made between the 7.0.2 and 7.0.3 releases:
 &amp;lt;/p&amp;gt;

... (truncated)

• b28fb50 Update the release notes for the 4.0.5 release
• 7d02fa0 Add an override search limits request control
• e30ae57 Add forName methods to enum classes
• 58a46d0 Fix an OS-specific issue in ToolInvocationLogger
• 8c77d1e Make a number of format string fixes
• 2e65024 Update ToolUtils.promptForEncryptionPassphrase
• 8471904 Fix a SimpleBindRequest bug
• 41df758 Better summarize-access-log encryption support
• 900ff84 Minor update in ToolUtils
• cdb139e Add tool compression and encryption support
• Additional commits viewable in compare view

Sourced from cn.hutool:hutool-all's releases.

5.8.21(2023年07月29日)

🐣新特性

• 【core 】 list 为空时,CollUtil.max等返回null而非异常(pr#1027@Gitee)
• 【poi 】 ExcelReader.getWriter逻辑变更,当从非文件读取时,获取sheet,而非空表格。
• 【core 】 Ipv4Util 新增方法:检测指定 IP 地址是否匹配通配符(pr#3171@Github)
• 【core 】 DateUtil.parse适配6位毫秒格式(issue#I7H34N@Gitee)
• 【core 】 RandomUtil增加可选是否包含边界的重载(issue#3182@Github)
• 【core 】 StrUtil增加truncateByByteLength方法(pr#3176@Github)
• 【core 】 身份证工具类isValidCard18、isValidCard15入参null直接返回null(pr#1034@Gitee)
• 【http 】 使用multiparty方式支持body参数(issue#3158@Github)
• 【core 】 ZipReader增加setMaxSizeDiff方法,自定义或关闭ZipBomb(issue#3018@Github)
• 【db 】 Query.of(entity)构建时传入fields(issue#I7M5JU@Gitee)
• 【db 】 clickhouse驱动名称变更为com.clickhouse.jdbc.ClickHouseDriver(issue#3224@Github)
• 【core 】 UrlResource增加size方法(issue#3226@Github)

🐞Bug修复

• 【core 】 修复MapUtil工具使用filter方法构造传入参数结果问题(issue#3162@Github)
• 【core 】 修复序列化和反序列化Class问题(issue#I7FQ29@Gitee)
• 【setting】 修复utf8-bom的setting文件读取问题(issue#I7G34E@Gitee)
• 【core 】 修复PathUtil.getMimeType可能造成的异常(issue#3179@Github)
• 【core 】 修复Pair序列化转换无效问题(issue#I7GPGX@Github)
• 【core 】 修复TypeUtil.getTypeArgument对实现接口获取不全面问题(issue#I7CRIW@Gitee)
• 【core 】 修复BeanUtil.isCommonFieldsEqual判空导致的问题
• 【extra 】 修复CompressUtil.createArchiver 将文件压缩为tgz时文件名规则无效问题(issue#I7LLL7@Gitee)
• 【core 】 修复脱敏银行卡号长度bug(pr#3210@Github)
• 【jwt 】 修复JWTSignerUtil中ES256签名不符合规范问题(issue#3205@Github)
• 【core 】 修复UserInfo获取country问题(issue#I7MCKW@Gitee)
• 【extra 】 修复MVEL加载错误问题(issue#3214@Github)
• 【json 】 修复JSONBeanParser在遇到List时没有被正确递归问题(issue#I7M2GZ@Gitee)
• 【core 】 修复VersionComparator对1.0.3及1.0.2a比较有误的问题(pr#1043@Gitee)
• 【core 】 修复IOS系统下,chrome 浏览器的解析规则有误(pr#1044@Gitee)
• 【extra 】 修复多线程下Sftp中Channel关闭的问题(issue#I7OHIB@Gitee)
• 【extra 】 修复CVE-2023-24163漏洞(issue#I6AJWJ@Gitee)

5.8.20(2023年06月16日)

🐣新特性

• 【core 】 UrlQuery增加setStrict方法,区分是否严格模式(issue#I78PB1@Gitee)
• 【poi 】 添加系列方法writeCol,以支持按列输出(pr#1003@Gitee)
• 【core 】 CollUtil新增anyMatch和allMatch方法(pr#1008@Gitee)
• 【core 】 CsvWriter如果开启了append=true,默认自动开启endingLineBreak=true(pr#1010@Gitee)

🐞Bug修复

• 【core 】 修复TreeUtil.getParentsName()获取到的路径集合中存在值为null的路径名称问题(issue#I795IN@Gitee)
• 【core 】 修复umberUtil.parseNumber对+解析问题(issue#I79VS7@Gitee)
• 【core 】 修复IdcardUtil.getGenderByIdCard存在潜在的异常(pr#1007@Gitee)
• 【core 】 修复Table#contains空指针问题(issue#3135@Gitee)
• 【core 】 修复FileUtil.checkSlip方法缺陷(issue#3140@Github)
• 【extra 】 修复Sftp中exists方法父目录不存在时报错(issue#I7CSQ9@Gitee)

... (truncated)

Sourced from cn.hutool:hutool-all's changelog.

5.8.21(2023年07月29日)

🐣新特性

• 【core 】 list 为空时,CollUtil.max等返回null而非异常(pr#1027@Gitee)
• 【poi 】 ExcelReader.getWriter逻辑变更,当从非文件读取时,获取sheet,而非空表格。
• 【core 】 Ipv4Util 新增方法:检测指定 IP 地址是否匹配通配符(pr#3171@Github)
• 【core 】 DateUtil.parse适配6位毫秒格式(issue#I7H34N@Gitee)
• 【core 】 RandomUtil增加可选是否包含边界的重载(issue#3182@Github)
• 【core 】 StrUtil增加truncateByByteLength方法(pr#3176@Github)
• 【core 】 身份证工具类isValidCard18、isValidCard15入参null直接返回null(pr#1034@Gitee)
• 【http 】 使用multiparty方式支持body参数(issue#3158@Github)
• 【core 】 ZipReader增加setMaxSizeDiff方法,自定义或关闭ZipBomb(issue#3018@Github)
• 【db 】 Query.of(entity)构建时传入fields(issue#I7M5JU@Gitee)
• 【db 】 clickhouse驱动名称变更为com.clickhouse.jdbc.ClickHouseDriver(issue#3224@Github)
• 【core 】 UrlResource增加size方法(issue#3226@Github)

🐞Bug修复

• 【core 】 修复MapUtil工具使用filter方法构造传入参数结果问题(issue#3162@Github)
• 【core 】 修复序列化和反序列化Class问题(issue#I7FQ29@Gitee)
• 【setting】 修复utf8-bom的setting文件读取问题(issue#I7G34E@Gitee)
• 【core 】 修复PathUtil.getMimeType可能造成的异常(issue#3179@Github)
• 【core 】 修复Pair序列化转换无效问题(issue#I7GPGX@Github)
• 【core 】 修复TypeUtil.getTypeArgument对实现接口获取不全面问题(issue#I7CRIW@Gitee)
• 【core 】 修复BeanUtil.isCommonFieldsEqual判空导致的问题
• 【extra 】 修复CompressUtil.createArchiver 将文件压缩为tgz时文件名规则无效问题(issue#I7LLL7@Gitee)
• 【core 】 修复脱敏银行卡号长度bug(pr#3210@Github)
• 【jwt 】 修复JWTSignerUtil中ES256签名不符合规范问题(issue#3205@Github)
• 【core 】 修复UserInfo获取country问题(issue#I7MCKW@Gitee)
• 【extra 】 修复MVEL加载错误问题(issue#3214@Github)
• 【json 】 修复JSONBeanParser在遇到List时没有被正确递归问题(issue#I7M2GZ@Gitee)
• 【core 】 修复VersionComparator对1.0.3及1.0.2a比较有误的问题(pr#1043@Gitee)
• 【core 】 修复IOS系统下,chrome 浏览器的解析规则有误(pr#1044@Gitee)
• 【extra 】 修复多线程下Sftp中Channel关闭的问题(issue#I7OHIB@Gitee)
• 【extra 】 修复CVE-2023-24163漏洞(issue#I6AJWJ@Gitee)

---

5.8.20(2023年06月16日)

🐣新特性

• 【core 】 UrlQuery增加setStrict方法,区分是否严格模式(issue#I78PB1@Gitee)
• 【poi 】 添加系列方法writeCol,以支持按列输出(pr#1003@Gitee)
• 【core 】 CollUtil新增anyMatch和allMatch方法(pr#1008@Gitee)
• 【core 】 CsvWriter如果开启了append=true,默认自动开启endingLineBreak=true(pr#1010@Gitee)

🐞Bug修复

• 【core 】 修复TreeUtil.getParentsName()获取到的路径集合中存在值为null的路径名称问题(issue#I795IN@Gitee)
• 【core 】 修复umberUtil.parseNumber对+解析问题(issue#I79VS7@Gitee)
• 【core 】 修复IdcardUtil.getGenderByIdCard存在潜在的异常(pr#1007@Gitee)
• 【core 】 修复Table#contains空指针问题(issue#3135@Gitee)
• 【core 】 修复FileUtil.checkSlip方法缺陷(issue#3140@Github)

... (truncated)

• 5889435 fix test
• 0eee7ea 修复CVE-2023-24163漏洞
• 9f777b3 add test
• d179823 UrlResource增加size方法
• e8c1f7a 修复多线程下Sftp中Channel关闭的问题
• 68daef7 修复IOS系统下,chrome 浏览器的解析规则有误
• 04b5cc9 !1044 修复issues:I7OTCU (IOS系统下,chrome 浏览器的解析规则有误)
• e1d2926 fix bug:issues/I7OTCU
• 1af3851 更新开原许可URL
• 4a0eb2d Merge pull request #3228 from zemochen/v5-dev
• Additional commits viewable in compare view

Sourced from org.springframework:spring-expression's releases.

v5.3.39

⭐ New Features

• SimpleEvaluationContext should disable array allocation #33386

v5.3.38

⭐ New Features

• Efficient handling of conditional HTTP requests #33378

🐞 Bug Fixes

• Fix incorrect weak ETag validation #33377
• SimpleEvaluationContext does not enforce read-only semantics #33320
• ConversionService cannot convert primitive array to Object[] #33314
• SpEL Indexer silently ignores failure to set property as index #33312
• Mockito mock falsely initialized as CGLIB proxy with AspectJ aspect #33142
• "file:." cannot be resolved to java.nio.file.Path (and plain "." value resolves to classpath root) #33140

📔 Documentation

• Typo in Annotation-driven Listener Endpoints section of Spring Framework documentation #33052
• Container Extension Points section of Spring Framework documentation refers to the wrong property name #33039
• Incorrect constructor details in the javadoc for ApplicationContextEvent #33034

🔨 Dependency Upgrades

• Upgrade to Reactor 2020047 #33322

v5.3.37

⭐ New Features

• AnnotationUtils performance degrades with deep stacks #32923

🐞 Bug Fixes

• AspectJ CTW aspects executed twice #32974
• SpEL compilation fails when indexing into a Map with a primitive #32911
• SpEL compilation fails when indexing into an array or list with an Integer #32909
• Application not starting with @EnableTransactionManagement(mode = AdviceMode.ASPECTJ) #32885

🔨 Dependency Upgrades

• Upgrade to Reactor 2020045 #33010

v5.3.36

🐞 Bug Fixes

• Overridden aspect method runs twice #32868
• @DateTimeFormat(iso = DateTimeFormat.ISO.DATE\_TIME) cannot convert UTC without milliseconds to java.util.Date #32860

... (truncated)

• f1b128b Release v5.3.39
• 8a44eaa Next development version (v5.3.39-SNAPSHOT)
• f44d13c Disable array allocation in case of no constructor resolution
• f00bc7b Remove snapshot repo
• 582bfcc Efficient ETag parsing
• 406b33d Upgrade to Netty 4.1.112
• f9c3d00 Introduce withAssignmentDisabled() option for SimpleEvaluationContext
• d2715d2 Fix incorrect weak ETag assertion
• 57b02da Upgrade to Reactor 2020047
• df33bf2 Sync GHA setup
• Additional commits viewable in compare view

Sourced from com.alibaba:fastjson's releases.

FASTJSON 1.2.83版本发布(安全修复)

这是一个安全修复版本,修复最近收到在特定场景下可以绕过autoType关闭限制的漏洞,建议fastjson用户尽快采取安全措施保障系统安全。

安全修复方案 :https://github.com/alibaba/fastjson/wiki/security_update_20220523

FASTJSON2已经发布并且提供兼容包,性能更好也更安全,升级指南 https://github.com/alibaba/fastjson2/wiki/fastjson_1_upgrade_cn

Issues

1. 安全加固
2. 修复JDK17下setAccessible报错的问题 #4077

• 下载 https://repo1.maven.org/maven2/com/alibaba/fastjson/1.2.83/
• 文档 https://github.com/alibaba/fastjson/wiki/%E5%B8%B8%E8%A7%81%E9%97%AE%E9%A2%98
• 源码 https://github.com/alibaba/fastjson/tree/1.2.83
• 2.0.x Releases https://github.com/alibaba/fastjson2/releases

fastjson 1.2.79版本发布,BUG修复

这又是一个bug fixed的版本,大家按需升级

Issues

1. 修复引入MethodInheritanceComparator导致某些场景序列化报错的问题
2. 增强JDK 9兼容
3. 修复JSONArray/JSONObject的equals方法在内部对象map/list相同时不直接返回true的问题

相关链接

• 下载 https://repo1.maven.org/maven2/com/alibaba/fastjson/1.2.79/
• 文档 https://github.com/alibaba/fastjson/wiki/%E5%B8%B8%E8%A7%81%E9%97%AE%E9%A2%98
• 源码 https://github.com/alibaba/fastjson/tree/1.2.79

fastjson 1.2.76版本发布,BUG修复增强兼容

这又是一个bug fixed的版本,大家按需升级

Issues

1. 修复一些直接抛RuntimeException的问题 #3631
2. parser自动识别gzip bytes #3614
3. 修复Throwable继承类属性不支持自动类型转换问题 #3217
4. 修复PrettyFormat情况下引用计算不对的问题 #3672
5. 修复AutoType不兼容LinkedHashMap的问题
6. 增强对Enum类型的自定类型转换
7. 修复deserializeUsing在泛型某些场景不能正常工作的问题 #3693
8. 提升JSONReader性能,减少小对象创建 #3627
9. 增强对JSONPath对filter的支持 #3629
10. JSONPath支持忽略NullValue的选项 #3607
11. 增强对定制化enum的支持 #3601
12. 增强对java.time.Instant和org.joda.time.Instant的支持 #3539
13. 修复Parser某些场景不能识别引用的问题

相关链接

• 下载 https://repo1.maven.org/maven2/com/alibaba/fastjson/1.2.76/
• 文档 https://github.com/alibaba/fastjson/wiki/%E5%B8%B8%E8%A7%81%E9%97%AE%E9%A2%98

... (truncated)

• 26f13f8 1.2.83
• 8f3410f bug fix for autotype
• cd3c2de improved jdk8 java.time support
• c63866e remove unused import
• 35db4ad bug fix for autoType
• 3f009e1 Merge pull request #4085 from hengyunabc/fix_setAccessible
• dd3de5f fix InaccessibleObjectException in jdk17. #4077
• a234f9a Merge pull request #4084 from alibaba/revert-4078-master
• 0814909 Revert "fix InaccessibleObjectException in jdk17. #4077"
• ab82d0b Merge pull request #4078 from hengyunabc/master
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.