(arrow) branch main updated: MINOR: [Java] Bump org.apache.commons:commons-dbcp2 from 2.9.0 to 2.12.0 in /java (#40460)

[kou]

This is an automated email from the ASF dual-hosted git repository.

kou pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow.git


The following commit(s) were added to refs/heads/main by this push:
     new 8ed45601f9 MINOR: [Java] Bump org.apache.commons:commons-dbcp2 from 
2.9.0 to 2.12.0 in /java (#40460)
8ed45601f9 is described below

commit 8ed45601f906a5c1b7ff8b5bff53d4cf193ce526
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Tue Mar 12 04:35:10 2024 +0900

    MINOR: [Java] Bump org.apache.commons:commons-dbcp2 from 2.9.0 to 2.12.0 in 
/java (#40460)
    
    Bumps org.apache.commons:commons-dbcp2 from 2.9.0 to 2.12.0.
    
    [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.commons:commons-dbcp2&package-manager=maven&previous-version=2.9.0&new-version=2.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting `@ 
dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@ dependabot rebase` will rebase this PR
    - `@ dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
    - `@ dependabot merge` will merge this PR after your CI passes on it
    - `@ dependabot squash and merge` will squash and merge this PR after your 
CI passes on it
    - `@ dependabot cancel merge` will cancel a previously requested merge and 
block automerging
    - `@ dependabot reopen` will reopen this PR if it is closed
    - `@ dependabot close` will close this PR and stop Dependabot recreating 
it. You can achieve the same result by closing it manually
    - `@ dependabot show <dependency name> ignore conditions` will show all of 
the ignore conditions of the specified dependency
    - `@ dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
    - `@ dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
    - `@ dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
    
    </details>
    
    Authored-by: dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
    Signed-off-by: Sutou Kouhei <k...@clear-code.com>
---
 java/flight/flight-sql/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/flight/flight-sql/pom.xml b/java/flight/flight-sql/pom.xml
index a0598f70b9..1da6ed2760 100644
--- a/java/flight/flight-sql/pom.xml
+++ b/java/flight/flight-sql/pom.xml
@@ -86,7 +86,7 @@
     <dependency>
       <groupId>org.apache.commons</groupId>
       <artifactId>commons-dbcp2</artifactId>
-      <version>2.9.0</version>
+      <version>2.12.0</version>
       <scope>test</scope>
       <exclusions>
         <exclusion>