Bump the java-production-dependencies group with 5 updates #42

dependabot · 2024-01-01T22:33:29Z

Bumps the java-production-dependencies group with 5 updates:

Package	From	To
org.cryptomator:siv-mode	`1.4.4`	`1.5.0`
com.google.code.gson:gson	`2.8.9`	`2.10.1`
com.google.guava:guava	`32.0.0-jre`	`33.0.0-jre`
org.slf4j:slf4j-api	`1.7.35`	`2.0.10`
org.slf4j:slf4j-simple	`1.7.35`	`2.0.10`

Updates org.cryptomator:siv-mode from 1.4.4 to 1.5.0

Release notes

Sourced from org.cryptomator:siv-mode's releases.

1.5.0

Maven Coordinates
  <dependency>
    <groupId>org.cryptomator</groupId>
    <artifactId>siv-mode</artifactId>
    <version>1.5.0</version>
  </dependency>
Artifact Checksums
dd4298094ef9ce7d658edf9b5416e28ca9c30a961c4ea67a756f9951180e870d  target/original-siv-mode-1.5.0.jar
7f5a4740c2575c5d5ff86bf818c3f1d68411ff6035b6549176a381e0eacb2c6b  target/siv-mode-1.5.0-javadoc.jar
16694b858fb988f6827b8ffc0f15d75bb713f17ec81c61bf8ad23636a6f3cbb5  target/siv-mode-1.5.0-sources.jar
08334a3047a61908c68b049877b0ace081367a2a84dee1a346e4c6c5de620b32  target/siv-mode-1.5.0.jar
See README.md section regarding reproducing this build.

What's Changed

What's New 🎉

Added org.jetbrains.annotations (compile-time)

#19 Make build reproducible

Other Changes 📎

Bump build & test dependencies

Full Changelog: cryptomator/siv-mode@1.4.4...1.5.0

Commits

7a1fe68 Merge branch 'release/1.5.0'
1acf5ff prepare version 1.5.0
773590b Merge pull request #19 from cryptomator/feature/reproducible-builds
715d6a9 attempt to fix multiline string output
b99619e include sha256 sums of artifacts in release notes
a45630e use a fixed locale for javadoc generation
98fc890 fix javadoc warning
41dc1d1 set outputTimestamp within valid range
6e6673d Merge branch 'develop' into feature/reproducible-builds
6f6fdd5 remove codacy coverage report
Additional commits viewable in compare view

Updates com.google.code.gson:gson from 2.8.9 to 2.10.1

Release notes

Sourced from com.google.code.gson:gson's releases.

Gson 2.10.1

This is technically a minor release rather than a patch release because there is one small API change: a new JsonObject.isEmpty() method.

What's Changed: User-Visible Changes

Added JsonObject method isEmpty() by @dhoard in google/gson#2233

Fix non-threadsafe creation of adapter for type with cyclic dependency by @Marcono1234 in google/gson#1832

Remove EOFException special casing of JsonStreamParser.next() by @Marcono1234 in google/gson#2281

Improve exception message for duplicate field names by @Marcono1234 in google/gson#2251

Fix the javadoc of JsonDeserializer.deserialize() by @MaicolAntali in google/gson#2243

Bump os-maven-plugin from 1.7.0 to 1.7.1 by @dependabot in google/gson#2235

Bump jackson-databind from 2.13.4.2 to 2.14.0 by @dependabot in google/gson#2234

Bump maven-release-plugin from 3.0.0-M6 to 3.0.0-M7 by @dependabot in google/gson#2232

Bump japicmp-maven-plugin from 0.16.0 to 0.17.1 by @dependabot in google/gson#2238

Bump jackson-databind from 2.14.0 to 2.14.1 by @dependabot in google/gson#2241

Bump bnd-maven-plugin from 6.3.1 to 6.4.0 by @dependabot in google/gson#2245

Site Documentation and Maintenance Changes (these were already visible)

Add troubleshooting guide by @Marcono1234 in google/gson#2285

Replace custom user guide header anchors by @Marcono1234 in google/gson#2289

Improve variable names in user guide by @Marcono1234 in google/gson#2290

Add 2.10 changes to CHANGELOG; minor release follow-ups by @Marcono1234 in google/gson#2229

Mention in CHANGELOG that GitHub Releases are used in the future by @Marcono1234 in google/gson#2230

GitHub Workflows security hardening by @sashashura in google/gson#2274

Other Changes

Making consistent prefixs in PerformanceTest by @CirQ in google/gson#1760

Adjust version numbers and a test to conform to the SemVer spec. by @eamonnmcmanus in google/gson#2237

Remove covered condition in JsonNull.equals() by @MaicolAntali in google/gson#2271

Remove the final keyword from private method by @MaicolAntali in google/gson#2276

Code cleanup by @MaicolAntali in google/gson#2282

Unnecessary unboxing at JsonPrimitive.getAsBoolean() by @MaicolAntali in google/gson#2277

Rewrite the testParsingDatesFormattedWithSystemLocale(), Fix #2199 by @MaicolAntali in google/gson#2287

Port tests from JUnit 3 to JUnit 4 by @MaicolAntali in google/gson#2294

New Contributors (thanks!)

@CirQ made their first contribution in google/gson#1760

@dhoard made their first contribution in google/gson#2233

@MaicolAntali made their first contribution in google/gson#2243

@sashashura made their first contribution in google/gson#2274

Full Changelog: google/gson@gson-parent-2.10...gson-parent-2.10.1

Gson 2.10

Most important changes

Support for serializing and deserializing Java records, on Java ≥ 16. (#2201)

Add JsonArray.asList and JsonObject.asMap view methods (#2225)

Fix TypeAdapterRuntimeTypeWrapper not detecting reflective TreeTypeAdapter and FutureTypeAdapter (#1787)

... (truncated)

Changelog

Sourced from com.google.code.gson:gson's changelog.

Change Log

The change log for versions newer than 2.10 is available only on the GitHub Releases page.

Version 2.10

Support for serializing and deserializing Java records, on Java ≥ 16. (google/gson#2201)

Add JsonArray.asList and JsonObject.asMap view methods (google/gson#2225)

Fix TypeAdapterRuntimeTypeWrapper not detecting reflective TreeTypeAdapter and FutureTypeAdapter (google/gson#1787)

Improve JsonReader.skipValue() (google/gson#2062)

Perform numeric conversion for primitive numeric type adapters (google/gson#2158)

Add Gson.fromJson(..., TypeToken) overloads (google/gson#1700)

Fix changes to GsonBuilder affecting existing Gson instances (google/gson#1815)

Make JsonElement conversion methods more consistent and fix javadoc (google/gson#2178)

Throw UnsupportedOperationException when JsonWriter.jsonValue is not supported (google/gson#1651)

Disallow JsonObject Entry.setValue(null) (google/gson#2167)

Fix TypeAdapter.toJson throwing AssertionError for custom IOException (google/gson#2172)

Convert null to JsonNull for JsonArray.set (google/gson#2170)

Fixed nullSafe usage. (google/gson#1555)

Validate TypeToken.getParameterized arguments (google/gson#2166)

Fix #1702: Gson.toJson creates CharSequence which does not implement toString (google/gson#1703)

Prefer existing adapter for concurrent Gson.getAdapter calls (google/gson#2153)

Improve ArrayTypeAdapter for Object[] (google/gson#1716)

Improve AppendableWriter performance (google/gson#1706)

Version 2.9.1

Make Object and JsonElement deserialization iterative rather than recursive (google/gson#1912)

Added parsing support for enum that has overridden toString() method (google/gson#1950)

Removed support for building Gson with Gradle (google/gson#2081)

Removed obsolete codegen hierarchy (google/gson#2099)

Add support for reflection access filter (google/gson#1905)

Improve TypeToken creation validation (google/gson#2072)

Add explicit support for float in JsonWriter (google/gson#2130, google/gson#2132)

Fail when parsing invalid local date (google/gson#2134)

Also many small improvements to javadoc.

Version 2.9.0

The minimum supported Java version changes from 6 to 7.

Change target Java version to 7 (google/gson#2043)

Put module-info.class into Multi-Release JAR folder (google/gson#2013)

Improve error message when abstract class cannot be constructed (google/gson#1814)

Support EnumMap deserialization (google/gson#2071)

Add LazilyParsedNumber default adapter (google/gson#2060)

Fix JsonReader.hasNext() returning true at end of document (google/gson#2061)

... (truncated)

Commits

2ce6a61 [maven-release-plugin] prepare release gson-parent-2.10.1
1a2170b Port tests from JUnit 3 to JUnit 4 (#2294)
4aaf138 Improve variable names in user guide (#2290)
a19d53f Replace custom user guide header anchors (#2289)
6c12ded Rewrite the testParsingDatesFormattedWithSystemLocale(), Fix #2199 (#2287)
f2f53fb Add troubleshooting guide (#2285)
f63a1b8 Remove EOFException special casing of JsonStreamParser.next() (#2281)
6c3cf22 Unnecessary unboxing at JsonPrimitive.getAsBoolean() (#2277)
0a42c31 Code cleanup (#2282)
28affcb Remove the final keyword from private method (#2276)
Additional commits viewable in compare view

Updates com.google.guava:guava from 32.0.0-jre to 33.0.0-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.0.0

Maven
<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.0.0-jre</version>
  
  <version>33.0.0-android</version>
</dependency>
Jar files

33.0.0-jre.jar

33.0.0-android.jar

Guava requires one runtime dependency, which you can download here:

failureaccess-1.0.1.jar

Javadoc

33.0.0-jre

33.0.0-android

JDiff

33.0.0-jre vs. 32.1.3-jre

33.0.0-android vs. 32.1.3-android

33.0.0-android vs. 33.0.0-jre

Changelog

This version of guava-android contains some package-private methods whose signature includes the Java 8 Collector API. This is a test to identify any problems before we expose those methods publicly to users. Please report any problems that you encounter. (73dbf7ef26)

Changed various classes to catch Exception instead of RuntimeException even when only RuntimeException is theoretically possible. This can help code that throws undeclared exceptions, as some bytecode rewriters (e.g., Robolectric) and languages (e.g., Kotlin) do. (c294c23760, 747924e, b2baf48)

Added an Automatic-Module-Name to failureaccess, Guava's one strong runtime dependency. (280b5d2f60)

reflect: In guava-android only, removed Invokable.getAnnotatedReturnType() and Parameter.getAnnotatedType(). These methods never worked in an Android VM, and to reflect that, they were born @Deprecated, @Beta, and @DoNotCall. They're now preventing us from rolling out some new Android compatibility testing. This is the only binary-incompatible change in this release, and it should have no effect in practice. Still, we bump the major version number to follow Semantic Versioning. (045cd8428f)

util.concurrent: Changed our implementations to avoid eagerly initializing loggers during class loading. This can help performance, especially under Android. (4fe1df56bd)

32.1.3

Maven
<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>32.1.3-jre</version>
  
</tr></table>

... (truncated)

Commits

See full diff in compare view

Updates org.slf4j:slf4j-api from 1.7.35 to 2.0.10

Updates org.slf4j:slf4j-simple from 1.7.35 to 2.0.10

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the java-production-dependencies group with 5 updates: | Package | From | To | | --- | --- | --- | | [org.cryptomator:siv-mode](https://github.com/cryptomator/siv-mode) | `1.4.4` | `1.5.0` | | [com.google.code.gson:gson](https://github.com/google/gson) | `2.8.9` | `2.10.1` | | [com.google.guava:guava](https://github.com/google/guava) | `32.0.0-jre` | `33.0.0-jre` | | org.slf4j:slf4j-api | `1.7.35` | `2.0.10` | | org.slf4j:slf4j-simple | `1.7.35` | `2.0.10` | Updates `org.cryptomator:siv-mode` from 1.4.4 to 1.5.0 - [Release notes](https://github.com/cryptomator/siv-mode/releases) - [Commits](cryptomator/siv-mode@1.4.4...1.5.0) Updates `com.google.code.gson:gson` from 2.8.9 to 2.10.1 - [Release notes](https://github.com/google/gson/releases) - [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md) - [Commits](google/gson@gson-parent-2.8.9...gson-parent-2.10.1) Updates `com.google.guava:guava` from 32.0.0-jre to 33.0.0-jre - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) Updates `org.slf4j:slf4j-api` from 1.7.35 to 2.0.10 Updates `org.slf4j:slf4j-simple` from 1.7.35 to 2.0.10 --- updated-dependencies: - dependency-name: org.cryptomator:siv-mode dependency-type: direct:production update-type: version-update:semver-minor dependency-group: java-production-dependencies - dependency-name: com.google.code.gson:gson dependency-type: direct:production update-type: version-update:semver-minor dependency-group: java-production-dependencies - dependency-name: com.google.guava:guava dependency-type: direct:production update-type: version-update:semver-major dependency-group: java-production-dependencies - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-major dependency-group: java-production-dependencies - dependency-name: org.slf4j:slf4j-simple dependency-type: direct:development update-type: version-update:semver-major dependency-group: java-production-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-02-01T22:31:08Z

Superseded by #48.

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jan 1, 2024

dependabot bot mentioned this pull request Jan 1, 2024

Bump the java-production-dependencies group with 5 updates #41

Closed

dependabot bot closed this Feb 1, 2024

dependabot bot deleted the dependabot/maven/java-production-dependencies-d455439154 branch February 1, 2024 22:31

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the java-production-dependencies group with 5 updates #42

Bump the java-production-dependencies group with 5 updates #42

dependabot bot commented on behalf of github Jan 1, 2024 •

edited

Loading

dependabot bot commented on behalf of github Feb 1, 2024

Bump the java-production-dependencies group with 5 updates #42

Bump the java-production-dependencies group with 5 updates #42

Conversation

dependabot bot commented on behalf of github Jan 1, 2024 • edited Loading

1.5.0

Maven Coordinates

Artifact Checksums

What's Changed

What's New 🎉

Other Changes 📎

Gson 2.10.1

What's Changed: User-Visible Changes

Site Documentation and Maintenance Changes (these were already visible)

Other Changes

New Contributors (thanks!)

Gson 2.10

Most important changes

Change Log

Version 2.10

Version 2.9.1

Version 2.9.0

33.0.0

Maven

Jar files

Javadoc

JDiff

Changelog

32.1.3

Maven

dependabot bot commented on behalf of github Feb 1, 2024

dependabot bot commented on behalf of github Jan 1, 2024 •

edited

Loading