chore(deps): bump io.swagger.core.v3:swagger-core-jakarta from 2.2.10 to 2.2.26 in /jans-auth-server

[dependabot]

Bumps io.swagger.core.v3:swagger-core-jakarta from 2.2.10 to 2.2.26.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dryrunsecurity]

DryRun Security Summary

The pull request updates the swagger-core-jakarta dependency version from 2.2.10 to 2.2.26 in two POM files, which is a routine update likely to include bug fixes and improvements with minimal security implications.

Expand for full summary

Summary:

The changes in this pull request are updates to the version of the swagger-core-jakarta dependency in the jans-auth-server/common/pom.xml and jans-auth-server/model/pom.xml files. Specifically, the version is being updated from 2.2.10 to 2.2.26. This is a minor version update, which typically indicates bug fixes, improvements, or new features, rather than significant API changes.

From an application security perspective, these changes are generally positive, as updating dependencies to their latest versions is a recommended practice to help ensure that known security vulnerabilities are addressed. However, it's important to review the release notes and change logs for the new version to understand any potential impact on the application. In this case, the Swagger library is used for API documentation, which is not directly related to the core security of the application. As long as the application is not relying on any specific features or behaviors of the previous version of the Swagger library, the update should not have a significant impact on the application's security.

Files Changed:

1. jans-auth-server/common/pom.xml: The version of the swagger-core-jakarta dependency is being updated from 2.2.10 to 2.2.26.
2. jans-auth-server/model/pom.xml: The version of the swagger-core-jakarta dependency is being updated from 2.2.10 to 2.2.26.

Overall, these changes appear to be routine dependency updates, which are common and necessary in software development. As an application security engineer, I would recommend reviewing the release notes for the new version of swagger-core-jakarta to ensure there are no known security issues, and then approving the pull request.

Code Analysis

We ran 9 analyzers against 2 files and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer	Findings
Sensitive Files Analyzer	2 findings

View PR in the DryRun Dashboard.

[dependabot]

Superseded by #10403.