build(deps): bump org.postgresql:postgresql from 42.5.3 to 42.7.2

[dependabot]

Bumps org.postgresql:postgresql from 42.5.3 to 42.7.2.

Release notes

Sourced from org.postgresql:postgresql's releases.

v42.7.1

Fixed regressions since 42.7.0

• Revert "Use canonical DateStyle name (#2925)" @​vlsi (#3035)
• Revert "feat: support SET statements combining with other queries with semicolon in PreparedStatement" @​vlsi (#3010)
• chore: use java.release=8 when building pgjdbc from the generated source distribution @​vlsi (#3038), the driver uses Java 8 methods only

Changes

• Apply connectTimeout before SSLSocket.startHandshake to avoid infinite wait in case the connection is broken @​davecramer (#3040)
• perf: improve performance of PreparedStatement.setBlob, BlobInputStream, and BlobOutputStream with dynamic buffer sizing @​vlsi (#3044)
• fix: avoid timezone conversions when sending LocalDateTime to the database @​vlsi (#2852)
• fix: support waffle-jna 2.x and 3.x by using reflective approach for ManagedSecBufferDesc @​chrullrich (#2720)

🧰 Maintenance

• chore: bump Gradle to 8.5 @​vlsi (#3045)
• chore: use Java 17 for building pgjdbc, and use --release 8 to target Java 8, add tests with Java 21 and 22 @​vlsi (#3026)
• fedora/rpm: move source build to java-17-openjdk-devel @​praiskup (#3036)
• Update site 42 7 0 @​davecramer (#3004)
• prepared for release 42.7.1 update changelogs @​davecramer (#3037)

⬆️ Dependencies

• fix(deps): update dependency org.checkerframework:org.checkerframework.gradle.plugin to v0.6.36 @​renovate-bot (#3060)
• chore(deps): update plugin biz.aqute.bnd.builder to v7 @​renovate-bot (#3034)
• fix(deps): update dependency com.github.spotbugs:com.github.spotbugs.gradle.plugin to v6 @​renovate-bot (#3056)
• fix(deps): update dependency com.github.spotbugs:com.github.spotbugs.gradle.plugin to v5.2.5 @​renovate-bot (#3032)
• chore(deps): update codecov/codecov-action digest to b0466b4 @​renovate-bot (#3059)
• fix(deps): update checkerframework to v3.41.0 @​renovate-bot (#3058)
• fix(deps): update logback to v1.2.13 @​renovate-bot (#3053)
• chore(deps): update codecov/codecov-action digest to 438fa9e @​renovate-bot (#3051)
• fix(deps): update dependency spotbugs to v4.8.2 @​renovate-bot (#3052)
• chore: bump Gradle to 8.5 @​vlsi (#3045)
• fix(deps): update dependency org.ops4j.pax.url:pax-url-aether to v2.6.14 @​renovate-bot (#3030)
• chore(deps): update plugin org.nosphere.gradle.github.actions to v1.4.0 @​renovate-bot (#3031)
• chore(deps): update dependency ubuntu to v22 @​renovate-bot (#3033)
• fix(deps): update checkerframework @​renovate-bot (#3027)
• fix(deps): update dependency spotbugs to v4.8.1 @​renovate-bot (#3023)
• fix(deps): update dependency uk.org.webcompere:system-stubs-jupiter to v2.1.5 @​renovate-bot (#3024)
• fix(deps): update jmh to v1.37 @​renovate-bot (#3025)
• fix(deps): update dependency com.google.errorprone:error_prone_core to v2.23.0 @​renovate-bot (#3022)
• fix(deps): update junit5 monorepo to v5.10.1 @​renovate-bot (#3015)
• chore(deps): update plugin com.github.burrunan.s3-build-cache to v1.7 @​renovate-bot (#3016)
• chore(deps): update dependency com.typesafe.play:sbt-plugin to v2.9.0 @​renovate-bot (#3021)
• fix(deps): update dependency checkstyle to v10.12.5 @​renovate-bot (#3020)
• chore(deps): update codecov/codecov-action digest to 920a494 @​renovate-bot (#3019)
• chore(deps): update actions/github-script action to v7 @​renovate-bot (#3018)

... (truncated)

Changelog

Sourced from org.postgresql:postgresql's changelog.

Changelog

Notable changes since version 42.0.0, read the complete History of Changes.

The format is based on Keep a Changelog.

[Unreleased]

Changed

Added

• feat: Add PasswordUtil for encrypting passwords client side [PR #3082](pgjdbc/pgjdbc#3082)

Fixed

[42.7.1] (2023-12-06 08:34:00 -0500)

Changed

• perf: improve performance of PreparedStatement.setBlob, BlobInputStream, and BlobOutputStream with dynamic buffer sizing [PR #3044](pgjdbc/pgjdbc#3044)

Fixed

• fix: Apply connectTimeout before SSLSocket.startHandshake to avoid infinite wait in case the connection is broken [PR #3040](pgjdbc/pgjdbc#3040)
• fix: support waffle-jna 2.x and 3.x by using reflective approach for ManagedSecBufferDesc [PR #2720](pgjdbc/pgjdbc#2720) Fixes [Issue #2690](pgjdbc/pgjdbc#2720).
• fix: NoSuchMethodError on ByteBuffer#position When Running on Java 8 when accessing arrays, fixes [Issue #3014](pgjdbc/pgjdbc#3014)
• Revert "[PR #2925](pgjdbc/pgjdbc#2925) Use canonical DateStyle name" [PR #3035](pgjdbc/pgjdbc#3035) Fixes [Issue #3008](pgjdbc/pgjdbc#3008)
• Revert "[PR ##2973](pgjdbc/pgjdbc#2973) feat: support SET statements combining with other queries with semicolon in PreparedStatement" [PR #3010](pgjdbc/pgjdbc#3010) Fixes [Issue #3007](pgjdbc/pgjdbc#3007)
• fix: avoid timezone conversions when sending LocalDateTime to the database #2852 Fixes [Issue #1390](pgjdbc/pgjdbc#1390) ,[Issue #2850](pgjdbc/pgjdbc#2850) Closes [Issue #1391(https://redirect.github.com/Fix #1390 LocalDateTime string serialization pgjdbc/pgjdbc#1391)

[42.7.0] (2023-11-20 09:33:00 -0500)

Changed

• fix: Deprecate for removal PGPoint.setLocation(java.awt.Point) to cut dependency to java.desktop module. [PR #2967](pgjdbc/pgjdbc#2967)
• feat: return all catalogs for getCatalogs metadata query closes [ISSUE #2949](pgjdbc/pgjdbc#2949) [PR #2953](pgjdbc/pgjdbc#2953)
• feat: support SET statements combining with other queries with semicolon in PreparedStatement [PR ##2973](pgjdbc/pgjdbc#2973)

Fixed

• chore: add styleCheck Gradle task to report style violations [PR #2980](pgjdbc/pgjdbc#2980)
• fix: Include currentXid in "Error rolling back prepared transaction" exception message [PR #2978](pgjdbc/pgjdbc#2978)
• fix: add varbit as a basic type inside the TypeInfoCache [PR #2960](pgjdbc/pgjdbc#2960)
• fix: Fix failing tests for version 16. [PR #2962](pgjdbc/pgjdbc#2962)
• fix: allow setting arrays with ANSI type name [PR #2952](pgjdbc/pgjdbc#2952)
• feat: Use KeepAlive to confirm LSNs [PR #2941](pgjdbc/pgjdbc#2941)
• fix: put double ' around log parameter [PR #2936](pgjdbc/pgjdbc#2936) fixes [ISSUE #2935](pgjdbc/pgjdbc#2935)
• fix: Fix Issue #2928 number of ports not equal to number of servers in datasource [PR #2929](pgjdbc/pgjdbc#2929)
• fix: Use canonical DateStyle name (#2925) fixes pgbouncer issue
• fix: Method getFastLong should be able to parse all longs [PR #2881](pgjdbc/pgjdbc#2881)
• docs: Fix typos in info.html [PR #2860](pgjdbc/pgjdbc#2860)

... (truncated)

Commits

• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[coderabbitai]

Important

Auto Review Skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

---

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit-tests for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit tests for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit tests.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• The JSON schema for the configuration file is available here.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

CodeRabbit Discord Community

Join our Discord Community to get help, request features, and share feedback.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 50.30%. Comparing base (e3cd67d) to head (2ff0715).
Report is 1 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff            @@
##             master    #5096   +/-   ##
=========================================
  Coverage     50.30%   50.30%           
  Complexity     2011     2011           
=========================================
  Files           388      388           
  Lines         12216    12216           
  Branches       1207     1207           
=========================================
  Hits           6145     6145           
  Misses         5708     5708           
  Partials        363      363           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[stale]

This pull request has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in 14 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions!

[shoothzj]

@dependabot rebase

[dependabot]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[nobodyiam]

see #5112

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.