Bump seed.version from 3.8.5 to 3.9.1

[dependabot-preview]

Bumps seed.version from 3.8.5 to 3.9.1.

Updates seed-core from 3.8.5 to 3.9.1

Release notes

Sourced from seed-core's releases.

v3.9.1

• [new] Support for programmatic login through SecuritySupport interface (no need for Shiro-specific code anymore).
• [chg] Obtaining principals by type now honors inheritance (instead of returning principals of the exact specified type).
• [chg] Principals are no longer required to be serializable.
• [chg] AbstractTransactionManager is now scoped as package.
• [fix] Security authentication and authorization caches are now disabled by default (avoiding to keep credentials indefinitely in memory).

v3.9.0

• [new] Introduce the diag tool to manually write a diagnostic report to standard output or in a file.
• [new] Enable configuration of Undertow error pages for specific HTTP codes or exceptions as well as a default error page (web.server.errorPages config).
• [new] SSL truststore can be configured separately from the master keystore (if no configuration it will default to the Java default truststore).
• [new] A custom X509KeyManager can now be configured to allow control of the chosen key material during SSL handshake.
• [brk] Plain file X509 certificates (outside a keystore) can no longer be configured as it is less secure and not so useful.
• [fix] Remove NullPointerException a Undertow shutdown if the it had not started properly before.

Changelog

Sourced from seed-core's changelog.

Version 3.9.1 (2019-12-17)

• [new] Support for programmatic login through SecuritySupport interface (no need for Shiro-specific code anymore).
• [chg] Obtaining principals by type now honors inheritance (instead of returning principals of the exact specified type).
• [chg] Principals are no longer required to be serializable.
• [chg] AbstractTransactionManager is now scoped as package.
• [fix] Security authentication and authorization caches are now disabled by default (avoiding to keep credentials indefinitely in memory).

Version 3.9.0 (2019-08-12)

• [new] Introduce the diag tool to manually write a diagnostic report to standard output or in a file.
• [new] Enable configuration of Undertow error pages for specific HTTP codes or exceptions as well as a default error page (web.server.errorPages config).
• [new] SSL truststore can be configured separately from the master keystore (if no configuration it will default to the Java default truststore).
• [new] A custom X509KeyManager can now be configured to allow control of the chosen key material during SSL handshake.
• [brk] Plain file X509 certificates (outside a keystore) can no longer be configured as it is less secure and not so useful.
• [fix] Remove NullPointerException a Undertow shutdown if the it had not started properly before.

Commits

• d39a12a Merge pull request #272 from Nheverest/master
• 682cbde update parent
• 38cda36 Circumvent AutoClosable in transactional proxies only when the class implemen...
• a54c8f3 Add test
• 5129293 Security cache disabled by default
• 1ab5531 Update shed to 1.1.6
• 18d90e1 update version to 3.9.1-SNAPSHOT
• b89ce22 Merge pull request #271 from Sherpard/feature/publicTransactionLogger
• 1ab151c Set AbstracTransactionManager as package-private.
• 98888d8 Merge pull request #270 from adrienlauer/sec-login-method
• Additional commits viewable in compare view

Updates seed-testing-junit4 from 3.8.5 to 3.9.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

Superseded by #9.