Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: bump the other-dependencies group with 7 updates #48

Merged
merged 1 commit into from
Apr 21, 2024
Merged

fix: bump the other-dependencies group with 7 updates #48

merged 1 commit into from
Apr 21, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 21, 2024
edited
Loading

Bumps the other-dependencies group with 7 updates:

Package From To
io.pivotal.spring.cloud:spring-cloud-services-dependencies 4.1.0 4.1.2
io.github.gradle-nexus.publish-plugin 1.3.0 2.0.0
org.jetbrains.kotlin.jvm 1.9.22 1.9.23
org.jetbrains.kotlin.plugin.serialization 1.9.22 1.9.23
org.postgresql:postgresql 42.7.1 42.7.3
com.fasterxml.jackson.datatype:jackson-datatype-jsr310 2.16.1 2.17.0
org.slf4j:slf4j-api 2.0.11 2.0.13

Updates io.pivotal.spring.cloud:spring-cloud-services-dependencies from 4.1.0 to 4.1.2

Release notes

Sourced from io.pivotal.spring.cloud:spring-cloud-services-dependencies's releases.

v4.1.2

This is a maintenance release.

⭐ Fixed Issues

🔨 Dependency Upgrades

  • Upgrade to Spring Boot 3.2.5

v4.1.1

This is a maintenance release.

🔨 Dependency Upgrades

  • Upgrade to Spring Boot 3.2.4
  • Upgrade to Spring Cloud 2023.0.1
  • Upgrade to Java CFEnv 3.1.5
Commits
  • 72b65ae Release v4.1.2
  • 5fef3ca always registers the client RestTemplate, even if oauth2 properties are missi...
  • ac8f56f Adds "Qualifier" to avoid duplicate bean definitions issue (#413)
  • 6950e31 Next development version (v4.1.2-SNAPSHOT) (#411)
  • c4ec3ce Invoked gradle initscript to upgrade project dependencies via OpenRew… (#408)
  • fcdba9f Upgrade java-cfenv (#406)
  • a6a5c25 Updates to gradle 8.5 (#401)
  • 14a69e5 Bump org.jfrog.buildinfo:build-info-extractor-gradle (#398)
  • f9c734a Uses a ConfigDataLocationResolver to configure authorization interceptor (#399)
  • 512c459 Cleanup some unused test resources (#397)
  • Additional commits viewable in compare view

Updates io.github.gradle-nexus.publish-plugin from 1.3.0 to 2.0.0

Updates org.jetbrains.kotlin.jvm from 1.9.22 to 1.9.23

Release notes

Sourced from org.jetbrains.kotlin.jvm's releases.

Kotlin 1.9.23

1.9.23

Apple Ecosystem

  • KT-65542 Cinterop tasks fails if Xcode 15.3 is used

Backend. Wasm

  • KT-64486 Kotlin/Wasm/WASI exported function callback for coroutines support

Compiler

  • KT-53478 Could not load module
  • KT-66044 JDK's new API is used over Kotlin's SDK functions
  • KT-64640 Prevent mutating SequenceCollection methods from JDK 21 be available on read-only collections
  • KT-65441 K1: Remove JDK 21 getFirst()/getLast() in (Mutable)List interfaces
  • KT-65634 K/N: data race during monolithic cache creation
  • KT-53109 CompilationErrorException generateUnboundSymbolsAsDependencies with builder inference and lambdas
  • KT-52757 Type inference for builders fails if inferred from a function

Tools. Gradle

  • KT-65792 Add JSON build report
  • KT-65091 Update compiler metrics in build reports
  • KT-62490 KGP dropping resource directories

Tools. Gradle. JS

  • KT-64119 K/JS: Migrate package manager from Yarn onto NPM
  • KT-64561 K/JS tests are not executed after upgrade to 1.9.22

Tools. Gradle. Multiplatform

  • KT-65954 commonTest dependencies affect commoMainMetadata compilation

Tools. Gradle. Native

  • KT-64573 Default value for produceUnpackedKlib was not provided
Changelog

Sourced from org.jetbrains.kotlin.jvm's changelog.

1.9.23

Apple Ecosystem

  • KT-65542 Cinterop tasks fails if Xcode 15.3 is used

Backend. Wasm

  • KT-64486 Kotlin/Wasm/WASI exported function callback for coroutines support

Compiler

  • KT-53478 Could not load module
  • KT-66044 JDK's new API is used over Kotlin's SDK functions
  • KT-64640 Prevent mutating SequenceCollection methods from JDK 21 be available on read-only collections
  • KT-65441 K1: Remove JDK 21 getFirst()/getLast() in (Mutable)List interfaces
  • KT-65634 K/N: data race during monolithic cache creation
  • KT-53109 CompilationErrorException generateUnboundSymbolsAsDependencies with builder inference and lambdas
  • KT-52757 Type inference for builders fails if inferred from a function

Tools. Gradle

  • KT-65792 Add JSON build report
  • KT-65091 Update compiler metrics in build reports
  • KT-62490 KGP dropping resource directories

Tools. Gradle. JS

  • KT-64119 K/JS: Migrate package manager from Yarn onto NPM
  • KT-64561 K/JS tests are not executed after upgrade to 1.9.22

Tools. Gradle. Multiplatform

  • KT-65954 commonTest dependencies affect commoMainMetadata compilation

Tools. Gradle. Native

  • KT-64573 Default value for produceUnpackedKlib was not provided
Commits
  • 4c571ac Edit changelog for 1.9.23
  • 1ca6f32 Revert "[Wasm] Implement IrLinkageError end enable partial linker"
  • 3b90682 Add changelog for 1.9.23
  • f327391 Add validation for empty kotlin.build.report.json.directory property
  • 2f19d2e Add JSON output type for build reports
  • 666a2f2 [Wasm] Implement IrLinkageError end enable partial linker
  • 4dc6689 [Native] Support Xcode 15.3 — add back the TargetConditional.h macros
  • d3b2c6f K1: change depr. level of List.getFirst to HIDDEN but don't force it on overr...
  • c041815 K1/K2: add tests for KT-65441 current behavior
  • c262b97 K1: introduce BUILDER_INFERENCE_STUB_PARAMETER_TYPE to prevent compiler crashes
  • Additional commits viewable in compare view

Updates org.jetbrains.kotlin.plugin.serialization from 1.9.22 to 1.9.23

Release notes

Sourced from org.jetbrains.kotlin.plugin.serialization's releases.

Kotlin 1.9.23

1.9.23

Apple Ecosystem

  • KT-65542 Cinterop tasks fails if Xcode 15.3 is used

Backend. Wasm

  • KT-64486 Kotlin/Wasm/WASI exported function callback for coroutines support

Compiler

  • KT-53478 Could not load module
  • KT-66044 JDK's new API is used over Kotlin's SDK functions
  • KT-64640 Prevent mutating SequenceCollection methods from JDK 21 be available on read-only collections
  • KT-65441 K1: Remove JDK 21 getFirst()/getLast() in (Mutable)List interfaces
  • KT-65634 K/N: data race during monolithic cache creation
  • KT-53109 CompilationErrorException generateUnboundSymbolsAsDependencies with builder inference and lambdas
  • KT-52757 Type inference for builders fails if inferred from a function

Tools. Gradle

  • KT-65792 Add JSON build report
  • KT-65091 Update compiler metrics in build reports
  • KT-62490 KGP dropping resource directories

Tools. Gradle. JS

  • KT-64119 K/JS: Migrate package manager from Yarn onto NPM
  • KT-64561 K/JS tests are not executed after upgrade to 1.9.22

Tools. Gradle. Multiplatform

  • KT-65954 commonTest dependencies affect commoMainMetadata compilation

Tools. Gradle. Native

  • KT-64573 Default value for produceUnpackedKlib was not provided
Changelog

Sourced from org.jetbrains.kotlin.plugin.serialization's changelog.

1.9.23

Apple Ecosystem

  • KT-65542 Cinterop tasks fails if Xcode 15.3 is used

Backend. Wasm

  • KT-64486 Kotlin/Wasm/WASI exported function callback for coroutines support

Compiler

  • KT-53478 Could not load module
  • KT-66044 JDK's new API is used over Kotlin's SDK functions
  • KT-64640 Prevent mutating SequenceCollection methods from JDK 21 be available on read-only collections
  • KT-65441 K1: Remove JDK 21 getFirst()/getLast() in (Mutable)List interfaces
  • KT-65634 K/N: data race during monolithic cache creation
  • KT-53109 CompilationErrorException generateUnboundSymbolsAsDependencies with builder inference and lambdas
  • KT-52757 Type inference for builders fails if inferred from a function

Tools. Gradle

  • KT-65792 Add JSON build report
  • KT-65091 Update compiler metrics in build reports
  • KT-62490 KGP dropping resource directories

Tools. Gradle. JS

  • KT-64119 K/JS: Migrate package manager from Yarn onto NPM
  • KT-64561 K/JS tests are not executed after upgrade to 1.9.22

Tools. Gradle. Multiplatform

  • KT-65954 commonTest dependencies affect commoMainMetadata compilation

Tools. Gradle. Native

  • KT-64573 Default value for produceUnpackedKlib was not provided
Commits
  • 4c571ac Edit changelog for 1.9.23
  • 1ca6f32 Revert "[Wasm] Implement IrLinkageError end enable partial linker"
  • 3b90682 Add changelog for 1.9.23
  • f327391 Add validation for empty kotlin.build.report.json.directory property
  • 2f19d2e Add JSON output type for build reports
  • 666a2f2 [Wasm] Implement IrLinkageError end enable partial linker
  • 4dc6689 [Native] Support Xcode 15.3 — add back the TargetConditional.h macros
  • d3b2c6f K1: change depr. level of List.getFirst to HIDDEN but don't force it on overr...
  • c041815 K1/K2: add tests for KT-65441 current behavior
  • c262b97 K1: introduce BUILDER_INFERENCE_STUB_PARAMETER_TYPE to prevent compiler crashes
  • Additional commits viewable in compare view

Updates org.postgresql:postgresql from 42.7.1 to 42.7.3

Release notes

Sourced from org.postgresql:postgresql's releases.

v42.7.3

Changes

v42.7.2

Security

CVE-2024-1597 and Security Advisory addressed. The vulnerability occurs only in non-default preferQueryMode=simple mode and only if a negative place holder -? is used. See the security advisory for details

What's Changed

Full Changelog: pgjdbc/pgjdbc@REL42.7.1...REL42.7.2

Changelog

Sourced from org.postgresql:postgresql's changelog.

[42.7.3] (2024-04-14 14:51:00 -0400)

Changed

Fixed

  • fix: boolean types not handled in SimpleQuery mode [PR #3146](pgjdbc/pgjdbc#3146)
    • make sure we handle boolean types in simple query mode
    • support uuid as well
    • handle all well known types in text mode and change else if to switch
  • fix: released new versions of 42.2.29, 42.3.10, 42.4.5, 42.5.6, 42.6.2 to deal with NoSuchMethodError on ByteBuffer#position when running on Java 8

[42.7.2] (2024-02-21 08:23:00 -0500)

Security

  • security: SQL Injection via line comment generation, it is possible in SimpleQuery mode to generate a line comment by having a placeholder for a numeric with a - such as -?. There must be second placeholder for a string immediately after. Setting the parameter to a -ve value creates a line comment. This has been fixed in this version fixes CVE-2024-1597. Reported by Paul Gerste. See the security advisory for more details. This has been fixed in versions 42.7.2, 42.6.1 42.5.5, 42.4.4, 42.3.9, 42.2.28.jre7. See the security advisory for work arounds.

Changed

Added

Commits

Updates com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.16.1 to 2.17.0

Updates org.slf4j:slf4j-api from 2.0.11 to 2.0.13

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @nickmcdowall.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
fix: bump the other-dependencies group with 7 updates
485ac1a 
Bumps the other-dependencies group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [io.pivotal.spring.cloud:spring-cloud-services-dependencies](https://github.com/pivotal-cf/spring-cloud-services-starters) | `4.1.0` | `4.1.2` |
| io.github.gradle-nexus.publish-plugin | `1.3.0` | `2.0.0` |
| [org.jetbrains.kotlin.jvm](https://github.com/JetBrains/kotlin) | `1.9.22` | `1.9.23` |
| [org.jetbrains.kotlin.plugin.serialization](https://github.com/JetBrains/kotlin) | `1.9.22` | `1.9.23` |
| [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) | `42.7.1` | `42.7.3` |
| com.fasterxml.jackson.datatype:jackson-datatype-jsr310 | `2.16.1` | `2.17.0` |
| org.slf4j:slf4j-api | `2.0.11` | `2.0.13` |


Updates `io.pivotal.spring.cloud:spring-cloud-services-dependencies` from 4.1.0 to 4.1.2
- [Release notes](https://github.com/pivotal-cf/spring-cloud-services-starters/releases)
- [Commits](pivotal-cf/spring-cloud-services-starters@v4.1.0...v4.1.2)

Updates `io.github.gradle-nexus.publish-plugin` from 1.3.0 to 2.0.0

Updates `org.jetbrains.kotlin.jvm` from 1.9.22 to 1.9.23
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/v1.9.23/ChangeLog.md)
- [Commits](JetBrains/kotlin@v1.9.22...v1.9.23)

Updates `org.jetbrains.kotlin.plugin.serialization` from 1.9.22 to 1.9.23
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/v1.9.23/ChangeLog.md)
- [Commits](JetBrains/kotlin@v1.9.22...v1.9.23)

Updates `org.postgresql:postgresql` from 42.7.1 to 42.7.3
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](pgjdbc/pgjdbc@REL42.7.1...REL42.7.3)

Updates `com.fasterxml.jackson.datatype:jackson-datatype-jsr310` from 2.16.1 to 2.17.0

Updates `org.slf4j:slf4j-api` from 2.0.11 to 2.0.13

---
updated-dependencies:
- dependency-name: io.pivotal.spring.cloud:spring-cloud-services-dependencies
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: other-dependencies
- dependency-name: io.github.gradle-nexus.publish-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: other-dependencies
- dependency-name: org.jetbrains.kotlin.jvm
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: other-dependencies
- dependency-name: org.jetbrains.kotlin.plugin.serialization
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: other-dependencies
- dependency-name: org.postgresql:postgresql
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: other-dependencies
- dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-jsr310
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: other-dependencies
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: other-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 21, 2024
@dependabot dependabot bot mentioned this pull request Apr 21, 2024
Closed
@nickmcdowall
Copy link
Contributor

@dependabot merge (if checks succeed)

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 21, 2024

Dependabot tried to merge this PR, but received the following error from GitHub:

At least 1 approving review is required by reviewers with write access.

@lukasz-gryzbon lukasz-gryzbon merged commit 2d11ab0 into main Apr 21, 2024
5 checks passed
@dependabot dependabot bot deleted the dependabot/gradle/other-dependencies-64392bfd1d branch April 21, 2024 14:03
@nickmcdowall
Copy link
Contributor

🎉 This PR is included in version 3.0.4 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lukasz-gryzbon lukasz-gryzbon lukasz-gryzbon approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nickmcdowall @lukasz-gryzbon