dependabot[bot] opened a new pull request, #20651: URL: https://github.com/apache/camel/pull/20651
Bumps [com.cedarsoftware:java-util](https://github.com/jdereg/java-util) from 4.70.0 to 4.72.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jdereg/java-util/blob/master/changelog.md";>com.cedarsoftware:java-util's changelog</a>.</em></p> <blockquote> <h4>4.72.0 - 2025-12-31</h4> <ul> <li><strong>BUG FIX</strong>: Fixed Jackson dependencies incorrectly declared without <code><scope>test</scope></code>. Jackson (jackson-databind, jackson-dataformat-xml) is only used for testing and should not be a transitive dependency. This restores java-util's zero external runtime dependencies.</li> <li><strong>BUG FIX</strong>: Fixed <code>ThreadedLRUCacheStrategy</code> scheduled task accumulation. When <code>CaseInsensitiveMap.replaceCache()</code> was called multiple times, each new cache scheduled a purge task that was never cancelled. These orphaned tasks accumulated and could overwhelm the scheduler thread. Now: <ul> <li><code>ThreadedLRUCacheStrategy.shutdown()</code> properly cancels the scheduled purge task</li> <li><code>LRUCache.shutdown()</code> delegates to the strategy's shutdown</li> <li><code>CaseInsensitiveMap.replaceCache()</code> calls shutdown on the old cache before replacing</li> </ul> </li> <li><strong>UPDATED</strong>: Test dependencies updated to latest versions: <ul> <li>jackson-databind: 2.17.2 → 2.20.1</li> <li>jackson-dataformat-xml: 2.17.2 → 2.20.1</li> </ul> </li> </ul> <h4>4.71.0 - 2025-12-31</h4> <ul> <li><strong>PERFORMANCE</strong>: <code>MultiKeyMap.expandAndHash()</code> - Multiple optimizations for faster key processing: <ul> <li><strong>Fast-path for common leaf types</strong>: Added early-exit check for common final types (String, Integer, Long, Double, Boolean, Short, Byte, Character, Float) using class identity comparison (<code>==</code>) instead of falling through the <code>instanceof</code> chain. Since these are the most frequent key types, checking them first skips the more expensive <code>instanceof</code> checks (Map, Set, Collection) for 80%+ of calls.</li> <li><strong>Array detection optimization</strong>: Replaced <code>isArray()</code> with <code>getComponentType() != null</code> for slight additional speedup.</li> <li><strong>Set allocation elimination</strong>: Eliminated per-element ArrayList allocation when processing Sets. Previously created N temporary ArrayLists and N <code>addAll()</code> calls for a Set with N elements. Now adds elements directly to result list.</li> <li><strong>Benchmark impact</strong>: 3 additional wins vs Apache Commons MultiKeyMap (29 wins vs 26 before), converting ties to wins with no new losses.</li> </ul> </li> <li><strong>PERFORMANCE</strong>: <code>MultiKeyMap.keysMatch()</code> - Removed redundant conditional check where both branches performed identical operations.</li> <li><strong>PERFORMANCE</strong>: <code>Converter.getInheritedConverter()</code> - Added caching for inheritance pairs: <ul> <li><strong>cacheCompleteHierarchy</strong>: Caches full type hierarchy including level 0</li> <li><strong>cacheInheritancePairs</strong>: Uses MultiKeyMap to cache sorted pairs per (source, target)</li> <li><strong>InheritancePair class</strong>: Holds cached pair data without instanceId</li> <li>First call for each (source, target) pair builds and caches the sorted pairs. Subsequent calls use O(1) cache lookup + iteration over pre-sorted list.</li> </ul> </li> <li><strong>IMPROVED</strong>: <code>Converter.getSupportedConversions()</code> and <code>allSupportedConversions()</code> - Now correctly report all dynamic container conversions: <ul> <li>Array/Collection conversions: Object[] ↔ Collection, array to array</li> <li>Enum conversions: Array/Collection/Map to Enum (creates EnumSet), EnumSet to Collection/Object[]</li> <li><code>isConversionSupportedFor()</code>: Added optimistic handling for Object[] source component type - returns true when source component is Object.class (can't know actual element types at compile time)</li> </ul> </li> <li><strong>CLEANUP</strong>: <code>FastReader</code> - Removed unused extended API methods that were never utilized by json-io: <ul> <li>Deprecated: <code>getLine()</code> and <code>getCol()</code> now return 0 (line/column tracking removed for performance)</li> <li>Removed line/column tracking overhead from hot path</li> <li><code>getLastSnippet()</code> provides error context without per-character tracking cost</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jdereg/java-util/commit/a35f387ab09dcad90003e462ad15ceb817fa100b";><code>a35f387</code></a> Fix broken link in changelog.md to userguide anchor</li> <li><a href="https://github.com/jdereg/java-util/commit/fbc4a69807f923bdf64ca1879024cd3cd0d0703b";><code>fbc4a69</code></a> Update changelog for ThreadedLRUCacheStrategy fix</li> <li><a href="https://github.com/jdereg/java-util/commit/386f1c0add6328638065a103907923f172dcbf26";><code>386f1c0</code></a> Fix ThreadedLRUCacheStrategy scheduled task accumulation causing test hangs</li> <li><a href="https://github.com/jdereg/java-util/commit/25077e5ef1cdd852cab605f86a2131ce5be50c1f";><code>25077e5</code></a> Revert "Fix CaseInsensitiveCacheContentionTest hanging during release builds"</li> <li><a href="https://github.com/jdereg/java-util/commit/93c2f930ea912c23a2e0a0d8bb244f74fd2fca1b";><code>93c2f93</code></a> Fix CaseInsensitiveCacheContentionTest hanging during release builds</li> <li><a href="https://github.com/jdereg/java-util/commit/ccf66b4a548ff45a150409f7b914fc3b64a8519c";><code>ccf66b4</code></a> Release 4.72.0 - Fix Jackson dependency scope</li> <li><a href="https://github.com/jdereg/java-util/commit/70ecfe1c0025cdcefb9dd0e038d37a6faf1b514d";><code>70ecfe1</code></a> Remove changelog references to unreleased functionality</li> <li><a href="https://github.com/jdereg/java-util/commit/0e724df3e46498cbf33354097c5312458fe0c529";><code>0e724df</code></a> Consolidate changelog entries under 4.71.0</li> <li><a href="https://github.com/jdereg/java-util/commit/fe568d915ebaf746013420f3ccd9c4510eaf9501";><code>fe568d9</code></a> Update changelog for 4.71.0 - document FastReader cleanup</li> <li><a href="https://github.com/jdereg/java-util/commit/edea7bac88207a6a2e20d3d05e2263936b5bc864";><code>edea7ba</code></a> Remove unused FastReader extended API methods</li> <li>Additional commits viewable in <a href="https://github.com/jdereg/java-util/compare/4.70.0...4.72.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
