New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GEODE-10046: bump dependencies #7360
GEODE-10046: bump dependencies #7360
Conversation
This reverts commit d1c0f8f.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As per https://cwiki.apache.org/confluence/display/GEODE/Commit+Message+Format, first commit summary should be under 29 characters (not including bug# or pr#) (yours is 46 characters) and details should explain what the intent of the commit is and why. If you amend your initial commit now and force-push, you can benefit from review feedback on your commit message, and you won't have to remember to fix it later when you merge.
* Bump ben-manes versions from 0.39.0 to 0.42.0 * Bump palantir docker from 0.28.0 to 0.32.0 * Bump fastutil from 8.5.6 to 8.5.8 * Bump java-jq from 1.2.0 to 1.3.0 * Bump jproc from 2.6.2 to 2.8.0 * Bump json-path from 2.6.0 to 2.7.0 * Bump lettuce-core from 6.1.5.RELEASE to 6.1.6.RELEASE * Bump micrometer-core from 1.8.1 to 1.8.2 * Bump mysql-connector-java from 8.0.26 to 8.0.28 * Bump nebula.lint from 17.1.1 to 17.6.1 * Bump netty from 4.1.72.Final to 4.1.74.Final * Bump pmd from 6.41.0 to 6.42.0 * Bump spotless from 5.14.3 to 6.2.2 * Bump spring from 5.3.14 to 5.3.15 * Bump spring-boot-starter from 2.6.2 to 2.6.3 * Bump spring-hateoas from 1.4.0 to 1.4.1 * Bump tomcat from 9.0.56 to 9.0.58
switch to latest version of 3rd-party dependencies. this will extend the shelf-life of eventual Geode 1.16 release and hopefully reduce bugs and cve exposure, or at least give a smaller delta if there is later a cve found that we need to patch for