Skip to content

Update backend non-major#83

Merged
renovate[bot] merged 1 commit into
mainfrom
renovate/backend/backend-non-major
May 2, 2026
Merged

Update backend non-major#83
renovate[bot] merged 1 commit into
mainfrom
renovate/backend/backend-non-major

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented May 2, 2026

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.postgresql:postgresql (source) 42.7.1042.7.11 age adoption passing confidence
org.flywaydb:flyway-database-postgresql 12.4.012.5.0 age adoption passing confidence
io.sentry.jvm.gradle 6.5.06.6.0 age adoption passing confidence
io.freefair.lombok 9.4.09.5.0 age adoption passing confidence

Release Notes

pgjdbc/pgjdbc (org.postgresql:postgresql)

v42.7.11

Security
  • fix: Limit SCRAM PBKDF2 iterations accepted from the server.
    pgjdbc was vulnerable to a client-side denial of service in SCRAM-SHA-256 authentication, where a malicious or compromised PostgreSQL server could specify an extremely large PBKDF2 iteration count, causing the client to consume unbounded CPU and potentially exhaust connection pools. The fix introduces a new scramMaxIterations connection property (defaulting to 100,000) to cap iteration counts before computation begins.
    See the Security Advisory for more detail.
    The following CVE-2026-42198 has been issued.
Added
  • feat: implement require_auth connection property, aligning with libpq behavior PR #​3895
Changed
  • chore: replace Appveyor CI with ikalnytskyi/action-setup-postgres PR #​3966
  • chore: upgrade Gradle to v9 PR #​3978
Fixed
  • fix: ensure extended protocol messages end with Sync message PR #​3728
  • fix: enable cursor-based fetching in extended protocol when transaction started via SQL command PR #​3996
  • fix: retry with SSL on IOException when sslMode=ALLOW PR #​3973
  • fix: make sure the driver honours connectTimeout when retrying the connection PR #​3968
  • fix: allow fallback to non-SSL connection when sslMode=prefer and sslResponseTimeout kicks in PR #​3968
  • fix: catch SecurityException from setContextClassLoader on ForkJoinPool workers PR #​3962
  • fix: use compareTo for LogSequenceNumber comparison to handle unsigned values correctly PR #​3961
  • fix: release COPY lock on IOException to prevent connection hang PR #​3957
  • fix: return jsonb as PGObject instead of String PR #​3956
  • fix: align SSL key file permission check with libpq PR #​3952
  • fix: guard connection closed flag with a reentrant lock to protect against concurrent close PR #​3905

Configuration

📅 Schedule: (in timezone Europe/Budapest)

  • Branch creation
    • Only on Sunday and Saturday (* * * * 0,6)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot requested review from KOliver94 and mboldi as code owners May 2, 2026 01:10
@codecov
Copy link
Copy Markdown

codecov Bot commented May 2, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ All tests successful. No failed tests found.

📢 Thoughts on this report? Let us know!

@renovate renovate Bot merged commit 083a5f7 into main May 2, 2026
4 checks passed
@renovate renovate Bot deleted the renovate/backend/backend-non-major branch May 2, 2026 05:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@KOliver94 KOliver94 Awaiting requested review from KOliver94 KOliver94 is a code owner

@mboldi mboldi Awaiting requested review from mboldi mboldi is a code owner

Assignees

No one assigned

Labels

backend dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants