Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade jgit from the jOOQ-migrations prototype to 6.6.1.202309021850-r #15697

Closed
lukaseder opened this issue Oct 11, 2023 · 2 comments
Closed

Upgrade jgit from the jOOQ-migrations prototype to 6.6.1.202309021850-r #15697

lukaseder opened this issue Oct 11, 2023 · 2 comments
Labels
C: Build C: Functionality E: All Editions P: Medium R: Fixed T: Defect
Projects
3.15 jOOQ Migrations
Milestone
Version 3.19.0

Comments

@lukaseder
Copy link
Member

lukaseder commented Oct 11, 2023
edited

Dependabot suggested this upgrade here:
#15610

We've already merged it in jOOQ 3.19.0, but this might be worth including also in patch releases as:

  • The jOOQ-migrations module is a prototype that no one (?) uses in production (I hope?)
  • The vulnerability CVE-2023-4759 (which is rated 8.8 even if in jOOQ's case, it might as well be rated 1.0, as always) hurt jOOQ's ranking in these braindead automated reports
@lukaseder lukaseder changed the title 6.6.1.202309021850-r Upgrade jgit6.6.1.202309021850-r Oct 11, 2023
@lukaseder lukaseder changed the title Upgrade jgit6.6.1.202309021850-r Upgrade jgit from the jOOQ-migrations prototype to 6.6.1.202309021850-r Oct 11, 2023
@lukaseder lukaseder added this to the Version 3.19.0 milestone Oct 11, 2023
@lukaseder lukaseder added this to To do in 3.19 Other improvements via automation Oct 11, 2023
@lukaseder lukaseder added this to To do in 3.15 jOOQ Migrations via automation Oct 11, 2023
@lukaseder lukaseder removed this from To do in 3.19 Other improvements Oct 11, 2023
@lukaseder
Copy link
Member Author

Fixed in versions

3.15 jOOQ Migrations automation moved this from To do to Done Oct 11, 2023
@lukaseder
Copy link
Member Author

The reason why I didn't backport this upgrade was because jgit 6 seems to require Java 11 now, and I wouldn't want to remove support for the module (even if experimental) in a patch release.

This was referenced Oct 12, 2023
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C: Build C: Functionality E: All Editions P: Medium R: Fixed T: Defect
Projects
3.15 jOOQ Migrations
  
Done
Milestone
Version 3.19.0
Development

No branches or pull requests
1 participant
@lukaseder