dependabot: bump com.unboundid:unboundid-ldapsdk from 4.0.9 to 4.0.14 (…

…#3143)

Bumps
[com.unboundid:unboundid-ldapsdk](https://github.com/pingidentity/ldapsdk)
from 4.0.9 to 4.0.14.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pingidentity/ldapsdk/releases">com.unboundid:unboundid-ldapsdk's
releases</a>.</em></p>
<blockquote>
<h2>UnboundID LDAP SDK for Java 4.0.14</h2>
<p>We have just released version 4.0.14 of the <a
href="https://github.com/pingidentity/ldapsdk">UnboundID LDAP SDK for
Java</a>. It is available for download from the releases page of our
GitHub repository (<a
href="https://github.com/pingidentity/ldapsdk/releases">https://github.com/pingidentity/ldapsdk/releases</a>),
from the Files page of our SourceForge repository (<a
href="https://sourceforge.net/projects/ldap-sdk/files/">https://sourceforge.net/projects/ldap-sdk/files/</a>),
and from the Maven Central Repository (<a
href="https://search.maven.org/search?q=g:com.unboundid%20AND%20a:unboundid-ldapsdk&amp;core=gav">https://search.maven.org/search?q=g:com.unboundid%20AND%20a:unboundid-ldapsdk&amp;core=gav</a>).</p>
<p>The LDAP SDK release notes are available at <a
href="https://docs.ldap.com/ldap-sdk/docs/release-notes.html">https://docs.ldap.com/ldap-sdk/docs/release-notes.html</a>,
but the changes included in this release are as follows:</p>
<ul>
<li>
<p>Fixed an issue in which LDAP URLs with consecutive percent-encoded
bytes were not decoded correctly.</p>
</li>
<li>
<p>Fixed an issue that could cause the LDAP SDK to incorrectly handle
data read from a server when the communication was protected with SASL
integrity or confidentiality. Thanks to Boris Danilovich for reporting
the problem and identifying the cause.</p>
</li>
<li>
<p>Fixed an issue that prevented the <code>searchrate</code> tool from
running if neither a base DN pattern nor an LDAP URL pattern was
provided.</p>
</li>
<li>
<p>Improved the logic that the LDAP SDK used when selecting the cipher
suites to use when establishing a TLS-secured connection. Weaker suites
are disabled, and the enabled suites are prioritized so that those
offering forward secrecy and stronger encryption are preferred.</p>
</li>
<li>
<p>Added a new <code>FullLDAPInterface</code> that extends
<code>LDAPInterface</code> and adds support for <code>close</code>,
<code>bind</code>, and <code>processExtendedOperation</code> methods.
The existing <code>LDAPConnection</code>,
<code>AbstractConnectionPool</code>, and
<code>InMemoryDirectoryServer</code> classes have been updated to
implement this interface.</p>
</li>
<li>
<p>Added a new non-final <code>MockableLDAPConnection</code> class that
makes it easier to mock an <code>LDAPConnection</code> instance. It
implements <code>FullLDAPInterface</code> and wraps a provided
<code>LDAPConnection</code>. If you create a
<code>MockableLDAPConnection</code> subclass, then you may override any
of the <code>FullLDAPInterface</code> methods to provide whatever logic
you desire for them. Any non-overridden methods will invoke the
corresponding method on the provided <code>LDAPConnection</code>
instance.</p>
</li>
<li>
<p>Fixed a minor typo in the <code>ldapsearch</code> usage
information</p>
</li>
</ul>
<h2>UnboundID LDAP SDK for Java 4.0.13</h2>
<p>We have just released version 4.0.13 of the <a
href="https://github.com/pingidentity/ldapsdk">UnboundID LDAP SDK for
Java</a>. It is available for download from the releases page of our
GitHub repository (<a
href="https://github.com/pingidentity/ldapsdk/releases">https://github.com/pingidentity/ldapsdk/releases</a>),
from the Files page of our SourceForge repository (<a
href="https://sourceforge.net/projects/ldap-sdk/files/">https://sourceforge.net/projects/ldap-sdk/files/</a>),
and from the Maven Central Repository (<a
href="https://search.maven.org/search?q=g:com.unboundid%20AND%20a:unboundid-ldapsdk&amp;core=gav">https://search.maven.org/search?q=g:com.unboundid%20AND%20a:unboundid-ldapsdk&amp;core=gav</a>).</p>
<p>This is a minor update that is primarily intended to serve the
upcoming Ping Identity Directory Server 8.0.0.0 release. The LDAP SDK
release notes are available online at <a
href="https://docs.ldap.com/ldap-sdk/docs/release-notes.html">https://docs.ldap.com/ldap-sdk/docs/release-notes.html</a>,
but the changes included in this release are as follows:</p>
<ul>
<li>
<p>Added support for debugging connection pool interactions, including
checking out and releasing connections, as well as establishing and
closing connections for use in the pool.</p>
</li>
<li>
<p>Fixed an issue in the prompt trust manager that could cause it to
incorrectly display a warning for some certificates with a basic
constraints extension that included the optional path length
constraint.</p>
</li>
<li>
<p>Updated the <code>manage-certificates
check-certificate-usability</code> command to add an additional check to
see whether the certificate at the root of the chain is found in the
JVM’s default set of trusted issuer certificates. If it is not found,
the tool will display a notice, but it will still complete with a
success result.</p>
</li>
<li>
<p>Fixed an issue in <code>manage-certificates</code> that could prevent
it from correctly showing the key agreement usage when displaying
verbose information about a certificate with the key usage
extension.</p>
</li>
<li>
<p>Fixed an issue that could prevent properly decoding an authority key
identifier extension that included the optional authorityCertIssuer
element in an X.509 certificate.</p>
</li>
<li>
<p>Made the <code>ManageCertificates.readCertificatesFromFile</code>
method public so that it can be used outside of the LDAP SDK. This
method can be used to read a set of PEM-encoded or DER-encoded X.509
certificates from a specified file.</p>
</li>
<li>
<p>Made the
<code>ManageCertificates.readCertificateSigningRequestFromFile</code>
method so that it can be used outside of the LDAP SDK. This method can
be used to read a PEM-encoded or DER-encoded PKCS <a
href="https://redirect.github.com/pingidentity/ldapsdk/issues/10">#10</a>
certificate signing request from a file.</p>
</li>
<li>
<p>Updated the passphrase-encrypted output stream to provide an option
to override the default key factory iteration count.</p>
</li>
<li>
<p>Updated support for the exec task to add an option to specify the
path to use as the current working directory when invoking the specified
command. Previously, the server would always use the server instance
root directory, and that will still be the default if no alternate
working directory is specified.</p>
</li>
<li>
<p>Added an additional <code>StaticUtils.getEnvironmentVariable</code>
method variant that can be used to provide a default value that should
be used if the specified environment variable is not set.</p>
</li>
<li>
<p>Added an additional <code>StaticUtils.getStackTrace</code> method
variant that allows you to limit the number of stack frames to include
from code before the call into the LDAP SDK. Also, updated
<code>StaticUtils.getExceptionMessage</code> when invoked for a
<code>NullPointerException</code> so that it now shows all frames from
the LDAP SDK (and anything that the LDAP SDK calls), and up to three
frames from the code before the call into the LDAP SDK.</p>
</li>
</ul>
<h2>UnboundID LDAP SDK for Java 4.0.12</h2>
<p>We have just released version 4.0.12 of the <a
href="https://github.com/pingidentity/ldapsdk">UnboundID LDAP SDK for
Java</a>. It is available for download from the releases page of our
GitHub repository (<a
href="https://github.com/pingidentity/ldapsdk/releases">https://github.com/pingidentity/ldapsdk/releases</a>),
from the Files page of our SourceForge repository (<a
href="https://sourceforge.net/projects/ldap-sdk/files/">https://sourceforge.net/projects/ldap-sdk/files/</a>),
and from the Maven Central Repository (<a
href="https://search.maven.org/search?q=g:com.unboundid%20AND%20a:unboundid-ldapsdk&amp;core=gav">https://search.maven.org/search?q=g:com.unboundid%20AND%20a:unboundid-ldapsdk&amp;core=gav</a>).</p>
<p>The LDAP SDK release notes are available at <a
href="https://docs.ldap.com/ldap-sdk/docs/release-notes.html">https://docs.ldap.com/ldap-sdk/docs/release-notes.html</a>,
but the changes included in this release are as follows:</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pingidentity/ldapsdk/blob/master/docs/release-notes.html">com.unboundid:unboundid-ldapsdk's
changelog</a>.</em></p>
<blockquote>
<pre><code>          &lt;div align=&quot;right&quot;&gt;
</code></pre>
<p>${TARGET=&quot;offline&quot;} <!-- raw HTML omitted -->LDAP SDK Home
Page<!-- raw HTML omitted -->
${TARGET=&quot;offline&quot;}                <!-- raw HTML omitted -->
<!-- raw HTML omitted -->Product Information<!-- raw HTML omitted -->
<!-- raw HTML omitted --></p>
<pre><code>          &lt;h2&gt;Release Notes&lt;/h2&gt;
<pre><code>      &amp;lt;h3&amp;gt;Version 6.0.10&amp;lt;/h3&amp;gt;

      &amp;lt;p&amp;gt;
The following changes were made between the 6.0.9 and 6.0.10 releases:
      &amp;lt;/p&amp;gt;

      &amp;lt;ul&amp;gt;
        &amp;lt;li&amp;gt;
Added a new ReusableRefeerralConnector interface that can be used to
provide a
way of following referrals using a mechanism that doesn't automatically
close
connections after they are used. This allows for the possibility that
connections created for the purpose of following referrals could be used
for
multiple referrals, rather than always closing them after their first
use as was
previously the case. Also, added a new PooledReferralConnector
implementation
that uses connection pools to maintain connections for following
referrals.
          &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
        &amp;lt;/li&amp;gt;

        &amp;lt;li&amp;gt;
Updated the PLAINBindRequest class to add an encodeCredentials method
that can be
used to retrieve a properly encoded representation of the SASL
credentials for a
PLAIN bind request with the given authentication ID, authorization ID,
and
          password.
          &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
        &amp;lt;/li&amp;gt;

        &amp;lt;li&amp;gt;
Updated the JSONNumber class to add getValueAsInteger and getValueAsLong
methods
that will return the value of the number as an Integer or Long,
respectively, but
only if it can do so losslessly. These methods will return null if the
value has
a fractional component or if it is outside the range of the associated
data type.
          &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
        &amp;lt;/li&amp;gt;

        &amp;lt;li&amp;gt;
Updated the JSONNumber class to add a getValueAsDouble method that will
return
the value of the number as a double. This method will never return null,
although the value that is returned may have less precision than the
internal
BigDecimal value, or it may be converted to positive or negative
infinity if the
BigDecimal value is outside the range that can be represented by a
double.
          &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
        &amp;lt;/li&amp;gt;
</code></pre>
<p></code></pre></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pingidentity/ldapsdk/commit/c0fb784eebf9d36a67c736d0428fb3577f2e25bb"><code>c0fb784</code></a>
Fix an issue with percent-decoding of LDAP URLs</li>
<li><a
href="https://github.com/pingidentity/ldapsdk/commit/59b23b675fff9e7f2a3c7da83f4dc5f7295cf38a"><code>59b23b6</code></a>
Allow selecting supported cipher suites</li>
<li><a
href="https://github.com/pingidentity/ldapsdk/commit/e6d19bf654911a72e59a2980a6542a7e6e5fcf4f"><code>e6d19bf</code></a>
Allow selecting supported cipher suites</li>
<li><a
href="https://github.com/pingidentity/ldapsdk/commit/ab920231e5783e55436eba86874855d8d069071f"><code>ab92023</code></a>
Improve TLS cipher suite selection</li>
<li><a
href="https://github.com/pingidentity/ldapsdk/commit/b0bfa203ce45480daf292e068e2bf9ed72a0b218"><code>b0bfa20</code></a>
Fix a GenerateToolUsage issue with no examples</li>
<li><a
href="https://github.com/pingidentity/ldapsdk/commit/54cf10644f43ffc2c909ec06e83fc159eb0ee65d"><code>54cf106</code></a>
Fix a searchrate NPE with no base DN or LDAP URL</li>
<li><a
href="https://github.com/pingidentity/ldapsdk/commit/00bb393c25be6301c0db0e7ee85030f80acc9a38"><code>00bb393</code></a>
Make it easier to mock LDAPConnection</li>
<li><a
href="https://github.com/pingidentity/ldapsdk/commit/d49a006be55675d66ca6e7456a46b6f0d0ee9564"><code>d49a006</code></a>
Fix an issue with SASL integrity/confidentiality</li>
<li><a
href="https://github.com/pingidentity/ldapsdk/commit/e7085c828ce36a12b98bafda3cb67efde70ae628"><code>e7085c8</code></a>
Fix a minor typo in ldapsearch usage</li>
<li><a
href="https://github.com/pingidentity/ldapsdk/commit/e37261b23aa795574c6f9f76a3b487f58c58fb92"><code>e37261b</code></a>
Post 4.0.13 release updates</li>
<li>Additional commits viewable in <a
href="https://github.com/pingidentity/ldapsdk/compare/4.0.9...4.0.14">compare
view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.unboundid:unboundid-ldapsdk&package-manager=gradle&previous-version=4.0.9&new-version=4.0.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit 35357a2)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

build.gradle

@@ -589,9 +589,9 @@ dependencies {
     testImplementation "org.opensearch.plugin:aggs-matrix-stats-client:${opensearch_version}"
     testImplementation "org.apache.logging.log4j:log4j-core:${versions.log4j}"
     testImplementation 'javax.servlet:servlet-api:2.5'
-    testImplementation 'com.unboundid:unboundid-ldapsdk:4.0.9'
+    testImplementation 'com.unboundid:unboundid-ldapsdk:4.0.14'
     testImplementation 'com.github.stephenc.jcip:jcip-annotations:1.0-1'
-    testImplementation 'com.unboundid:unboundid-ldapsdk:4.0.9'
+    testImplementation 'com.unboundid:unboundid-ldapsdk:4.0.14'
     testImplementation 'javax.servlet:servlet-api:2.5'
     testImplementation 'org.apache.httpcomponents:fluent-hc:4.5.13'
     testImplementation "org.apache.kafka:kafka_2.13:${kafka_version}"
@@ -642,7 +642,7 @@ dependencies {
     integrationTestImplementation('org.awaitility:awaitility:4.2.0') {
         exclude(group: 'org.hamcrest', module: 'hamcrest')
     }
-    integrationTestImplementation 'com.unboundid:unboundid-ldapsdk:4.0.9'
+    integrationTestImplementation 'com.unboundid:unboundid-ldapsdk:4.0.14'
 
     //Checkstyle
     checkstyle 'com.puppycrawl.tools:checkstyle:10.12.1'