Bump vaadin-server from 8.0.5 to 8.12.3 in /elements

[dependabot]

Bumps vaadin-server from 8.0.5 to 8.12.3.

Release notes

Sourced from vaadin-server's releases.

Vaadin Framework 8.12.3 is a maintenance release with the following fixes :

• fix: use time-constant comparison for CSRF tokens
• fix: fix: use time-constant comparison for security tokens

See 8.12.3 milestone for all changes

Vaadin Framework 8.12.2 is a maintenance release with the following fixes :

• Update Atmosphere vaadin 2 patch
• Move call to getMessageHandler().onResynchronize() to right place
• Better error handling trying to enable HTML5 DnD for mobile from thread

See 8.12.2 milestone for all changes

Vaadin Framework 8.12.1 is a maintenance release with the following fixes & enhancements:

• #5873 MenuBar: Don't set openRootOnHover when on Android or IOS.
• Binder: Convert value back to representation write back to field when changed
• #12153 Ensure CompositeConnector's root element gets re-measured on resize. (Warranty fix)
• Replace function reference with anonymous class for serialization
• Make checkAtmosphereSupport() non-static Also change call sequence so, that MPR can override ensurePushAvailable() to check Flow Atmosphere instead. (Warranty fix)
• #12139 Tweaks to Grid/Escalator column size handling. Fixes regression due earlier fix #12058
• #8186 Use generated id of the menu item to help testing of the menubar
• Bump jetty.version from 9.4.17.v20190418 to 9.4.35.v20201102 to avoid un-necessary security alerts

See 8.12.1 milestone for all changes

Vaadin Framework 8.12.0 is a feature release contains a number of new features and bug fixes.

Enhancements:

• #12058 Recalculate column widths when vertical scrollbar hidden/shown.
• #12052 Add support for "ww" in date format
• #12050 All updates to Escalator size should get reported to LayoutManager.
• #12045 Ensure type safety and serializable nature of all the listeners
• #12043 Use queue for resync requests (fixes issues with theme changes)
• #12093 Add convenience overloading for setColumn
• #12086 Add API to detect if GridMultiSelect select-all checkbox is checked
• #12070 Added missing MIME types to FileTypeResolver

Bug Fixes

• Bump JUnit from 4.12 to 4.13.1 to avoid false positive security alerts
• Take border into account in Grid editor position when it opens upwards
• Log informative message instead of failing with ClassCastException when polling an obsolete resource
• When a Grid gets scroll-locked, cancel the scrollInProgress handler

Incompatible or Behavior-altering Changes

• Fixed potential security issue related method used by framework by updating Hibernate dependency to version 5.3.6.

See 8.12.0.alpha1, 8.12.0.alpha2, 8.12.0.beta1, 8.12.0 milestone for all changes.

... (truncated)

Commits

• d8ba0a4 Remove outdated IE10 compatibility class (#12193) (#12197)
• 232961b fix: use time-constant comparison for CSRF tokens (#12188) (#12196)
• 560cccc fix: use time-constant comparison for security tokens (#12189) (#12195)
• 3e9873b Update Atmosphere vaadin2 patch (#12181) (#12185)
• 096fc1d Move call to getMessageHandler().onResynchronize(); to right place (#12178) (...
• e07e3d0 Better error handling trying to enable HTML5 DnD for mobile from thread (#121...
• 2f98876 Test tweaks (#12169) (#12174)
• 0ec7644 Update release note for maintenance
• ac65bc7 Bump jetty.version from 9.4.34.v20201102 to 9.4.35.v20201120 (#12164) (#12167)
• 7f69dc5 MenuBar: Don't set openRootOnHover when on Android or IOS. (#12135) (#12166)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[dependabot]

Superseded by #30.