Skip to content

Bump mongodb5.version from 4.11.2 to 4.11.3 #2816

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump mongodb5.version from 4.11.2 to 4.11.3 #2816

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 9, 2024

Bumps mongodb5.version from 4.11.2 to 4.11.3.
Updates org.mongodb:bson from 4.11.2 to 4.11.3

Commits
  • 1335948 Version: bump 4.11.3
  • 55a3498 Connection String (#1467)
  • 720c322 Kotlin: Updated driver metadata (#1461)
  • a0add9c Added Bson-Kotlin Array Codec (#1457)
  • 3fc18bf Ensure Sink.contextView is propagated
  • d988c37 Fix bson-kotlinx encodeNullableSerializableValue null handling (#1453)
  • f339684 Fix getCodec of matching type argument bug (#1339)
  • 1aafa7a Enhance KotlinSerializer with value codecs for widening primitive conversion....
  • 9c73aee Ported tests from bson-kotlinx to bson-kotlin (#1434)
  • 11a4f92 JAVA-5342 Fix encoding generics with nullable type parameters (#1317)
  • Additional commits viewable in compare view

Updates org.mongodb:mongodb-driver-core from 4.11.2 to 4.11.3

Commits
  • 1335948 Version: bump 4.11.3
  • 55a3498 Connection String (#1467)
  • 720c322 Kotlin: Updated driver metadata (#1461)
  • a0add9c Added Bson-Kotlin Array Codec (#1457)
  • 3fc18bf Ensure Sink.contextView is propagated
  • d988c37 Fix bson-kotlinx encodeNullableSerializableValue null handling (#1453)
  • f339684 Fix getCodec of matching type argument bug (#1339)
  • 1aafa7a Enhance KotlinSerializer with value codecs for widening primitive conversion....
  • 9c73aee Ported tests from bson-kotlinx to bson-kotlin (#1434)
  • 11a4f92 JAVA-5342 Fix encoding generics with nullable type parameters (#1317)
  • Additional commits viewable in compare view

Updates org.mongodb:mongodb-driver-legacy from 4.11.2 to 4.11.3

Commits
  • 1335948 Version: bump 4.11.3
  • 55a3498 Connection String (#1467)
  • 720c322 Kotlin: Updated driver metadata (#1461)
  • a0add9c Added Bson-Kotlin Array Codec (#1457)
  • 3fc18bf Ensure Sink.contextView is propagated
  • d988c37 Fix bson-kotlinx encodeNullableSerializableValue null handling (#1453)
  • f339684 Fix getCodec of matching type argument bug (#1339)
  • 1aafa7a Enhance KotlinSerializer with value codecs for widening primitive conversion....
  • 9c73aee Ported tests from bson-kotlinx to bson-kotlin (#1434)
  • 11a4f92 JAVA-5342 Fix encoding generics with nullable type parameters (#1317)
  • Additional commits viewable in compare view

Updates org.mongodb:mongodb-driver-sync from 4.11.2 to 4.11.3

Commits
  • 1335948 Version: bump 4.11.3
  • 55a3498 Connection String (#1467)
  • 720c322 Kotlin: Updated driver metadata (#1461)
  • a0add9c Added Bson-Kotlin Array Codec (#1457)
  • 3fc18bf Ensure Sink.contextView is propagated
  • d988c37 Fix bson-kotlinx encodeNullableSerializableValue null handling (#1453)
  • f339684 Fix getCodec of matching type argument bug (#1339)
  • 1aafa7a Enhance KotlinSerializer with value codecs for widening primitive conversion....
  • 9c73aee Ported tests from bson-kotlinx to bson-kotlin (#1434)
  • 11a4f92 JAVA-5342 Fix encoding generics with nullable type parameters (#1317)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump mongodb5.version from 4.11.2 to 4.11.3
8f386df 
Bumps `mongodb5.version` from 4.11.2 to 4.11.3.

Updates `org.mongodb:bson` from 4.11.2 to 4.11.3
- [Release notes](https://github.com/mongodb/mongo-java-driver/releases)
- [Commits](mongodb/mongo-java-driver@r4.11.2...r4.11.3)

Updates `org.mongodb:mongodb-driver-core` from 4.11.2 to 4.11.3
- [Release notes](https://github.com/mongodb/mongo-java-driver/releases)
- [Commits](mongodb/mongo-java-driver@r4.11.2...r4.11.3)

Updates `org.mongodb:mongodb-driver-legacy` from 4.11.2 to 4.11.3
- [Release notes](https://github.com/mongodb/mongo-java-driver/releases)
- [Commits](mongodb/mongo-java-driver@r4.11.2...r4.11.3)

Updates `org.mongodb:mongodb-driver-sync` from 4.11.2 to 4.11.3
- [Release notes](https://github.com/mongodb/mongo-java-driver/releases)
- [Commits](mongodb/mongo-java-driver@r4.11.2...r4.11.3)

---
updated-dependencies:
- dependency-name: org.mongodb:bson
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.mongodb:mongodb-driver-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.mongodb:mongodb-driver-legacy
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.mongodb:mongodb-driver-sync
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Related to third party dependency updates or migrations java Pull requests that update Java code labels Aug 9, 2024
@ppkarwasz
Copy link
Contributor

ppkarwasz commented Aug 9, 2024

Something is wrong with this PR.

@ppkarwasz ppkarwasz closed this Aug 9, 2024
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 9, 2024

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/maven/2.x/mongodb5.version-4.11.3 branch August 9, 2024 10:53
@vy
Copy link
Member

vy commented Aug 9, 2024

@ppkarwasz, don't we need to configure dependabot to update MongoDB 4 and 5 versions in isolation? Can we achieve this using multiple dependabot.yaml entries containing updates.ignored blocks differentiated with directory property pointing to the associated module? (Version properties need to be moved from the parent to the associated module.)

I guess we need this for SLF4J 1 and 2 too, don't we?

github-actions bot pushed a commit that referenced this pull request Aug 9, 2024
@asf-rm
Update org.mongodb:bson to version 4.11.3 (#2816)
6526f17
@ppkarwasz
Copy link
Contributor

ppkarwasz commented Aug 9, 2024

We have an ignore entry to prevent Dependabot from applying major updates:

logging-log4j2/.github/dependabot.yaml

Lines 118 to 121 in 404ac48

# MongoDB 3.x should only upgrade to 3.x and
# MongoDB 4.x should only upgrade to 4.x
- dependency-name: "org.mongodb:*"
update-types: [ "version-update:semver-major" ]

We can try adding a separate Dependabot execution for log4j-slf4j-impl and log4j-mongodb4.

@vy
Copy link
Member

vy commented Aug 9, 2024

We have an ignore entry to prevent Dependabot from applying major updates:

logging-log4j2/.github/dependabot.yaml

Lines 118 to 121 in 404ac48

# MongoDB 3.x should only upgrade to 3.x and
# MongoDB 4.x should only upgrade to 4.x
- dependency-name: "org.mongodb:*"
update-types: [ "version-update:semver-major" ]

Yes, I am aware of this. But, I have the impression that, instructing dependabot to ignore major updates does not stop it from attempting to update 5.0.1 to 4.11.3, when 1) we have both MongoDB 4 and 5 dependencies and 2) 4.11.3 is freshly released.

That is the reason I think we should

  1. Move version properties, of dependencies that we support multiple major versions, to their dedicated modules
  2. Create dedicated dependabot updates.ignored entries differentiated with directory

@ppkarwasz
Copy link
Contributor

ppkarwasz commented Aug 9, 2024

I tried to apply a fix in f398ac5. Let us see what happens.

@ppkarwasz
Copy link
Contributor

ppkarwasz commented Aug 9, 2024

Apparently it worked #2822, thanks.

@ppkarwasz
Copy link
Contributor

ppkarwasz commented Aug 9, 2024

I spoke too soon. In this PR #2825 Dependabot tries to update the POM for log4j-slf4j-impl, although it has a separate run for log4j-slf4j-impl and log4j-mongodb4.

@vy
Copy link
Member

vy commented Aug 9, 2024

@ppkarwasz, shouldn't we

  1. Ignore all SLF4J and MongoDB updates in the generic dependabot.yaml block
  2. Pin SLF4J 2 updates to 2.x.x

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Related to third party dependency updates or migrations java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ppkarwasz @vy