Bump com.hubspot.jinjava:jinjava from 2.4.0 to 2.7.6 in /shell in the shell-security-updates group across 1 directory by dependabot[bot] · Pull Request #5242 · apache/zeppelin

dependabot · 2026-05-06T17:06:44Z

Bumps the shell-security-updates group with 1 update in the /shell directory: com.hubspot.jinjava:jinjava.

Updates com.hubspot.jinjava:jinjava from 2.4.0 to 2.7.6

Release notes

Sourced from com.hubspot.jinjava:jinjava's releases.

jinjava-2.7.6

2025-02-02 Version 2.7.6 (Maven Central)

Disallow accessing properties on restricted classes while rendering through ForTag

Upgrade jackson to version 2.20

jinjava-2.7.5

2025-09-30 Version 2.7.5 (Maven Central)

Disallow accessing properties on restricted classes while rendering

jinjava-2.7.4

2024-12-06 Verision 2.7.4 (Maven Central)

Implement jinja2.ext.loopcontrols extensions (break and continue)

Apply whitespace rules for LStrip and Trim to comment blocks

jinjava-2.7.3

2024-09-12 Version 2.7.3 (Maven Central)

Add support for numeric keys in map literal

Add feature to consider undefined variable a TemplateError

Improve Optional value serialization

Fix bug where extends roots were processed inside of the RenderFilter

Don't allow illegal characters in XmlAttrFilter

Limit string length in + and ~ operators

Fix various RuntimeExceptions in filters and functions

Updates dependency versions

jinjava-2.7.2

2024-02-12 Version 2.7.2 (Maven Central)

Use interpreter's locale for strftime functions

Prevent infinite hashCode recursion in PyList or PyMap

Support aliasing macro function names in {% from %} tag

Add whitespace trimming functionality for notes and expressions

Add feature to prevent accidental expressions from being output

Add length-limiting to |render filter and add |closehtml filter

Add length-limiting to |tojson filter

Make |pprint filter output in JSON format

Allow for loop with null values

Add length-limiting when coercing strings

Add ECHO_UNDEFINED feature

Various PRs for eager execution to support two-phase rendering.

jinjava-2.7.1

2023-08-11 Version 2.7.1 (Maven Central)

Introduce {% do %} blocks

Add warnings for unclosed tokens

Fix |default(null) behavior

Improve EscapeJinjavaFilter

Improve BeanELResolver Extensibility

Add snake_case serialization config option

Add generic node pre/post processors

Upgrade jackson to 2.14.0

... (truncated)

Changelog

Sourced from com.hubspot.jinjava:jinjava's changelog.

2026-02-02 Version 2.7.6 (Maven Central)

Disallow accessing properties on restricted classes while rendering through ForTag

Upgrade jackson to version 2.20

2025-10-22 Version 2.8.2 (Maven Central)

Fix helper token escape handling and unescaping when unquoting strings

2025-09-30 Version 2.7.5 (Maven Central)

Disallow accessing properties on restricted classes while rendering

2025-09-16 Version 2.8.1 (Maven Central)

Disallow accessing properties on restricted classes while rendering

Make stack operations use AutoCloseable for safer usage with try-with-resources

2025-05-05 Version 2.8.0 (Maven Central)

Target Java 17

Implement PyMap#get with optional default

Fix ConcurrentModificationException when sharing Context across threads

Fix max render depth tracking for {% call %} tags

2024-12-06 Version 2.7.4 (Maven Central)

Implement jinja2.ext.loopcontrols extensions (break and continue)

Apply whitespace rules for LStrip and Trim to comment blocks

2024-09-12 Version 2.7.3 (Maven Central)

Add support for numeric keys in map literal

Add feature to consider undefined variable a TemplateError

Improve Optional value serialization

Fix bug where extends roots were processed inside of the RenderFilter

Don't allow illegal characters in XmlAttrFilter

Limit string length in + and ~ operators

Fix various RuntimeExceptions in filters and functions

Updates dependency versions

2024-02-12 Version 2.7.2 (Maven Central)

Use interpreter's locale for strftime functions

Prevent infinite hashCode recursion in PyList or PyMap

Support aliasing macro function names in {% from %} tag

Add whitespace trimming functionality for notes and expressions

Add feature to prevent accidental expressions from being output

Add length-limiting to |render filter and add |closehtml filter

Add length-limiting to |tojson filter

Make |pprint filter output in JSON format

Allow for loop with null values

Add length-limiting when coercing strings

Add ECHO_UNDEFINED feature

Various PRs for eager execution to support two-phase rendering.

2023-08-11 Version 2.7.1 (Maven Central)

Introduce {% do %} blocks

Add warnings for unclosed tokens

Fix |default(null) behavior

... (truncated)

Commits

See full diff in compare view

jongyoul · 2026-05-10T14:23:52Z

@dependabot rebase it

Bumps the shell-security-updates group with 1 update in the /shell directory: [com.hubspot.jinjava:jinjava](https://github.com/HubSpot/jinjava). Updates `com.hubspot.jinjava:jinjava` from 2.4.0 to 2.7.6 - [Release notes](https://github.com/HubSpot/jinjava/releases) - [Changelog](https://github.com/HubSpot/jinjava/blob/master/CHANGES.md) - [Commits](https://github.com/HubSpot/jinjava/commits/jinjava-2.7.6) --- updated-dependencies: - dependency-name: com.hubspot.jinjava:jinjava dependency-version: 2.7.6 dependency-type: direct:production dependency-group: shell-security-updates ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels May 6, 2026

dependabot Bot force-pushed the dependabot/maven/shell/shell-security-updates-9b33c9f5e8 branch from 6361a19 to ac29956 Compare May 10, 2026 14:24

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump com.hubspot.jinjava:jinjava from 2.4.0 to 2.7.6 in /shell in the shell-security-updates group across 1 directory#5242

Bump com.hubspot.jinjava:jinjava from 2.4.0 to 2.7.6 in /shell in the shell-security-updates group across 1 directory#5242
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/maven/shell/shell-security-updates-9b33c9f5e8

dependabot Bot commented on behalf of github May 6, 2026 •

edited

Loading

Uh oh!

jongyoul commented May 10, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github May 6, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

jinjava-2.7.6

2025-02-02 Version 2.7.6 (Maven Central)

jinjava-2.7.5

2025-09-30 Version 2.7.5 (Maven Central)

jinjava-2.7.4

2024-12-06 Verision 2.7.4 (Maven Central)

jinjava-2.7.3

2024-09-12 Version 2.7.3 (Maven Central)

jinjava-2.7.2

2024-02-12 Version 2.7.2 (Maven Central)

jinjava-2.7.1

2023-08-11 Version 2.7.1 (Maven Central)

2026-02-02 Version 2.7.6 (Maven Central)

2025-10-22 Version 2.8.2 (Maven Central)

2025-09-30 Version 2.7.5 (Maven Central)

2025-09-16 Version 2.8.1 (Maven Central)

2025-05-05 Version 2.8.0 (Maven Central)

2024-12-06 Version 2.7.4 (Maven Central)

2024-09-12 Version 2.7.3 (Maven Central)

2024-02-12 Version 2.7.2 (Maven Central)

2023-08-11 Version 2.7.1 (Maven Central)

Uh oh!

jongyoul commented May 10, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github May 6, 2026 •

edited

Loading