Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the development-dependencies group with 5 updates #2625

Merged
merged 1 commit into from
Feb 16, 2024
Merged

Bump the development-dependencies group with 5 updates #2625

merged 1 commit into from
Feb 16, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 16, 2024
edited

Bumps the development-dependencies group with 5 updates:

Package From To
org.apache.httpcomponents.client5:httpclient5 5.1.3 5.1.4
org.hibernate.validator:hibernate-validator 8.0.0.Final 8.0.1.Final
org.xerial.snappy:snappy-java 1.1.8.4 1.1.10.5
com.github.luben:zstd-jni 1.5.0-2 1.5.5-11
io.spring.ge.conventions 0.0.14 0.0.15

Updates org.apache.httpcomponents.client5:httpclient5 from 5.1.3 to 5.1.4

Changelog

Sourced from org.apache.httpcomponents.client5:httpclient5's changelog.

Release 5.1.4

This release upgrades HttpCore to the latest 5.1 version and fixes several of issues found since release 5.1.3.

This is likely to be the last release in the 5.1 release series. Users of HttpClient 5.1 are advised to upgrade to the latest version of 5.2.

Change Log

  • Regression: Multipart body builder and multipart formatters fail to escape special characters such as backslash and quote mark. Contributed by Oleg Kalnichevski

  • HTTPCLIENT-2242: RoutingSupport fails to copy InetAddress when normalizing HttpHost. Contributed by Oleg Kalnichevski

  • HTTPCLIENT-2240: Fixed incorrect CONNECT method initialization in ProxyClient Contributed by Oleg Kalnichevski

  • HTTPCLIENT-2236: MultihomeIOSessionRequester fails to enhance the cause exception in case of connect failure if the remoteAddress argument has been given. Contributed by Oleg Kalnichevski

  • HTTPCLIENT-2232: Last protocol interceptors moved at the end of the H2 protocol processing pipeline. Contributed by Oleg Kalnichevski

  • HTTPCLIENT-2231: A race condition in the main async exec when the request execution on an I/O thread is faster than execution pipeline management on the client thread. Contributed by Oleg Kalnichevski

  • HTTPCLIENT-2225: Connection route calculation does not take the default RequestConfig into account. Contributed by Oleg Kalnichevski

  • HTTPCLIENT-2221: Closing a classic response/entity allows connection reuse. Contributed by Carter Kozak

  • HTTPCLIENT-2212: MinimalHttpAsyncClient fails to release client endpoints in case of a connect error (such as TLS handshake failure). Contributed by Oleg Kalnichevski

  • Create daemon threads in InternalAbstractHttpAsyncClient. Contributed by Richard Hernandez

  • StringBody: Just write the bytes to the output stream. Contributed by John Gallagher jgallagher@slack-corp.com

... (truncated)

Commits
  • f67e99b HttpClient 5.1.4 release
  • d8ad813 Updated release notes for HttpClient 5.1.4 release
  • 478d225 Upgraded HttpCore to version 5.1.5
  • 3f86f9f Regression: Multipart body builder and multipart formatters fail to escape sp...
  • fd295c0 HTTPCLIENT-2242: RoutingSupport fails to copy InetAddress when normalizing Ht...
  • b5a90d5 HTTPCLIENT-2240: fixed incorrect CONNECT method initialization in ProxyClient
  • 4283132 HTTPCLIENT-2236: MultihomeIOSessionRequester fails to enhance the cause excep...
  • 2d6a156 Temporarily removed windows-latest from the Github CI OS matrix due to interm...
  • 47da248 Be more lenient on slower build machines
  • 68d43fe Register the standard GitHub page for a Code of Conduct with a link to
  • Additional commits viewable in compare view

Updates org.hibernate.validator:hibernate-validator from 8.0.0.Final to 8.0.1.Final

Changelog

Sourced from org.hibernate.validator:hibernate-validator's changelog.

8.0.1.Final (2023-06-20)

** Bug * HV-1949 Nondeterministic behavior of HibernateValidator (in springboot?) when both annotation and xml-based definition are used * HV-1932 Incomplete @​Positive annotation's default message in fr * HV-1939 Annotations on constructors of named classes declared in method get ignored

** Improvement * HV-1943 Some french validation messages are not quite accurate * HV-1941 Add support for European Portuguese for ValidationMessages * HV-1927 Use Executable#getAnnotatedParameterTypes() instead of Executable#getGenericParameterTypes()

** Task * HV-1956 Update Weld test dependency to 5.1.1.Final * HV-1954 Test Hibernate Validator against JDK 22 * HV-1944 Upgraded JBoss Logging, Maven Enforcer plugin and Guava to latest version * HV-1938 Update ByteBuddy test dependency to 1.13.0 * HV-1935 Test Hibernate Validator against JDK 21 * HV-1934 Upgrade to hibernate-asciidoctor-theme 1.0.6

Commits
  • 4558b3b [Jenkins release job] Preparing release 8.0.1.Final
  • b8a727f [Jenkins release job] changelog.txt updated by release build 8.0.1.Final
  • ba75a7f [Jenkins release job] README.md updated by release build 8.0.1.Final
  • 1cbab63 HV-1956 Bump weld-core-impl from 5.0.1.Final to 5.1.1.Final
  • bb3cd1d HV-1944: Upgraded JBoss Logging, Guava and Maven Enforcer plugin
  • 3528b2c HV-1941 european portuguese validation messages
  • 8dab6f2 HV-1939 Test constructor validation on inner classes declared in methods
  • 58466ed HV-1939 Work around JDK-8303112
  • f38c0ee HV-1939 Fix compilation in IDEA
  • 2065108 HV-1949 Load constraint validators from a Service Loader first
  • Additional commits viewable in compare view

Updates org.xerial.snappy:snappy-java from 1.1.8.4 to 1.1.10.5

Release notes

Sourced from org.xerial.snappy:snappy-java's releases.

v1.1.10.5

What's Changed

🚀 Features

🐛 Bug Fixes

🔗 Dependency Updates

New Contributors

Full Changelog: xerial/snappy-java@v1.1.10.4...v1.1.10.5

v1.1.10.4

What's Changed

Security Fix

  • CVE-2023-43642 Fixed SnappyInputStream so as not to allocate too large memory when decompressing data with an extremely large chunk size by @​tunnelshade (code change)
    • This does not affect users only using Snappy.compress/uncompress methods

🚀 Features

  • feature: Upgrade the internal snappy version to 1.1.10 (1.1.8 was wrongly used before) by @​xerial in xerial/snappy-java#508
  • Support JDK21 (no internal change)

🔗 Dependency Updates

🛠 Internal Updates

... (truncated)

Commits
  • 08abfa4 Update native libraries for 4b2c1e89a42bc1fc715199974140f93cefe37d71 (#521)
  • 4b2c1e8 win-aarch64 (fix): Fix dll name (#520)
  • 0fff1ac Update native libraries for e6d1196bc68dd76d19e915ee0124c4d42b020ef2 (#519)
  • e6d1196 internal fix: Use Windows-aarch64 target name and compiler options (#518)
  • 3c67a7b ppc64-le (Fix): Use an LTS-version of cross-compiler for Linux ppc64-le (#516)
  • 67f5d26 Bump jwlawson/actions-setup-cmake from 1.13 to 1.14 (#514)
  • ee96b64 Feature: Add Windows arm64 support (#511)
  • 0016fed Fix GLIBC_2.32 not found error on IBM PowerPC LE RedHat 8.6 OS (required by /...
  • 681b2e1 internal: Support JDK21 (#510)
  • 9f8c3cf Merge pull request from GHSA-55g7-9cwv-5qfv
  • Additional commits viewable in compare view

Updates com.github.luben:zstd-jni from 1.5.0-2 to 1.5.5-11

Commits
  • a3c3d7d v1.5.5-11
  • b2ad383 After an exception, only release the cctx lock once
  • 9a5c4b2 Fix flaky test
  • 475ed5d More robust error handling
  • 96be04a Handle Zstd parameter switches correctly
  • b55246e Improve docs
  • ae1ad52 Create sequence producer tests
  • e4ad211 Improve javadocs
  • 53e2087 Allocate seqprod state during registration, so that each compression context ...
  • 220e990 Make SequenceProducer interface visible
  • Additional commits viewable in compare view

Updates io.spring.ge.conventions from 0.0.14 to 0.0.15

Release notes

Sourced from io.spring.ge.conventions's releases.

v0.0.15

⭐ New Features

  • Don't publish build scans when the properties task may run #69

🔨 Dependency Upgrades

  • Upgrade to Gradle Enterprise Gradle Plugin 3.16 #68
Commits
  • 5490574 Release v0.0.15
  • 49fa7c8 Update README to reflect support for Gradle 8
  • e53c01c Upgrade CI image to Java 8u392+9
  • 27a3120 Upgrade CI image to ubuntu:jammy-20231211.1
  • 19d02ba Disable build scans when properties task may have run
  • ecce1e1 Upgrade to Gradle Enterprise Gradle Plugin 3.16.1
  • a0b5077 Authenticate with Docker Hub to pull github-release image
  • a457cd4 Authenticate with Docker Hub to pull release-related images
  • 99e8389 Next development version (v0.0.15-SNAPSHOT)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added the type: dependency-upgrade Pull requests that update a dependency file label Feb 16, 2024
@github-actions github-actions bot added type: task and removed type: dependency-upgrade Pull requests that update a dependency file labels Feb 16, 2024
@github-actions github-actions bot added this to the 3.0.11 milestone Feb 16, 2024
@github-actions github-actions bot enabled auto-merge (squash) February 16, 2024 17:14
@dependabot dependabot bot force-pushed the dependabot/gradle/3.0.x/development-dependencies-d21b12027c branch from e54bbd1 to 90fe337 Compare February 16, 2024 17:18
@dependabot
Bump the development-dependencies group with 5 updates
dc29343 
Bumps the development-dependencies group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) | `5.1.3` | `5.1.4` |
| [org.hibernate.validator:hibernate-validator](https://github.com/hibernate/hibernate-validator) | `8.0.0.Final` | `8.0.1.Final` |
| [org.xerial.snappy:snappy-java](https://github.com/xerial/snappy-java) | `1.1.8.4` | `1.1.10.5` |
| [com.github.luben:zstd-jni](https://github.com/luben/zstd-jni) | `1.5.0-2` | `1.5.5-11` |
| [io.spring.ge.conventions](https://github.com/spring-io/gradle-enterprise-conventions) | `0.0.14` | `0.0.15` |


Updates `org.apache.httpcomponents.client5:httpclient5` from 5.1.3 to 5.1.4
- [Changelog](https://github.com/apache/httpcomponents-client/blob/rel/v5.1.4/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-client@rel/v5.1.3...rel/v5.1.4)

Updates `org.hibernate.validator:hibernate-validator` from 8.0.0.Final to 8.0.1.Final
- [Changelog](https://github.com/hibernate/hibernate-validator/blob/main/changelog.txt)
- [Commits](hibernate/hibernate-validator@8.0.0.Final...8.0.1.Final)

Updates `org.xerial.snappy:snappy-java` from 1.1.8.4 to 1.1.10.5
- [Release notes](https://github.com/xerial/snappy-java/releases)
- [Commits](xerial/snappy-java@1.1.8.4...v1.1.10.5)

Updates `com.github.luben:zstd-jni` from 1.5.0-2 to 1.5.5-11
- [Commits](luben/zstd-jni@v1.5.0-2...v1.5.5-11)

Updates `io.spring.ge.conventions` from 0.0.14 to 0.0.15
- [Release notes](https://github.com/spring-io/gradle-enterprise-conventions/releases)
- [Commits](spring-io/gradle-enterprise-conventions@v0.0.14...v0.0.15)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.client5:httpclient5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: org.hibernate.validator:hibernate-validator
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: org.xerial.snappy:snappy-java
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: com.github.luben:zstd-jni
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: io.spring.ge.conventions
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/gradle/3.0.x/development-dependencies-d21b12027c branch from 90fe337 to dc29343 Compare February 16, 2024 17:18
@github-actions github-actions bot merged commit 566c1ec into 3.0.x Feb 16, 2024
3 checks passed
@dependabot dependabot bot deleted the dependabot/gradle/3.0.x/development-dependencies-d21b12027c branch February 16, 2024 17:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
type: task
Projects
None yet
Milestone
3.0.11
Development

Successfully merging this pull request may close these issues.

None yet
0 participants