dependabot[bot] opened a new pull request, #16289: URL: https://github.com/apache/druid/pull/16289
Bumps [com.microsoft.azure:azure-storage](https://github.com/Azure/azure-storage-java) from 8.6.0 to 8.6.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Azure/azure-storage-java/releases";>com.microsoft.azure:azure-storage's releases</a>.</em></p> <blockquote> <h2>Java Storage Client Library 8.6.6</h2> <ul> <li>Upgraded keyvault dependency to pull in security fix in google.guava 24.1.</li> </ul> <h2>Java Storage Client Library 8.6.5</h2> <ul> <li>Fixed a race condition in XML parsing logic that in narrow situations could cause the parser to be initialized incorrectly resulting in an erroneously empty list result.</li> </ul> <h2>Java Storage Client Library 8.6.4</h2> <ul> <li>Converted the httpsKeepAliveSocketFactory into a singleton for performance improvements.</li> </ul> <h2>Java Storage Client Library 8.6.3</h2> <ul> <li>Added the commitWriteOnInputStreamException option to BlobRequestOptions, which will allow the user to configure whether any data staged through openWrite when using the upload(InputStream, long) method will be committed upon failures in the InputStream.</li> <li>Disabled httpsKeepAlive by default as it can introduce some perf issues.</li> </ul> <h2>Java Storage Client Library 8.6.2</h2> <ul> <li>Fixed a bug in the pom that disrupted the ability to download from maven central.</li> </ul> <h2>Java Storage Client Library 8.6.1</h2> <ul> <li>Fixed a bug in BlobInputStream that would return extra zeros at the end of the stream if the data was encrypted using client-side encryption.</li> <li>MD5 checks on BlobInputStream are skipped if data being downloaded is also being decrypted via client-side encryption, even if disableMd5Calculation is set to false. Previously this check would always fail as MD5 is calculated on cipher text on upload but was calculated on plaintext on download.</li> <li>Added a workaround to a JDK bug that would ignore connection timeouts on retries, causing hangs in some scenarios. This requires defaulting setting https keep-alive on all sockets. It can be disabled via BlobRequestOptions.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Azure/azure-storage-java/blob/v8.6.6/ChangeLog.txt";>com.microsoft.azure:azure-storage's changelog</a>.</em></p> <blockquote> <p>2020.06.22 Version 8.6.6</p> <ul> <li>Upgraded keyvault dependency to pull in security fix in google.guava 24.1.</li> </ul> <p>2020.06.22 Version 8.6.5</p> <ul> <li>Fixed a race condition in XML parsing logic that in narrow situations could cause the parser to be initialized incorrectly resulting in an erroneously empty list result.</li> </ul> <p>2020.05.04 Version 8.6.4</p> <ul> <li>Converted the httpsKeepAliveSocketFactory into a singleton for performance improvements.</li> </ul> <p>2020.03.30 Version 8.6.3</p> <ul> <li>Added the commitWriteOnInputStreamException option to BlobRequestOptions, which will allow the user to configure whether any data staged through openWrite when using the upload(InputStream, long) method will be committed upon failures in the InputStream.</li> <li>Disabled httpsKeepAlive by default as it can introduce some perf issues.</li> </ul> <p>2020.03.18 Version 8.6.2</p> <ul> <li>Fixed a bug in the pom that disrupted the ability to download from maven central.</li> </ul> <p>2020.03.10 Version 8.6.1</p> <ul> <li>Fixed a bug in BlobInputStream that would return extra zeros at the end of the stream if the data was encrypted using client-side encryption.</li> <li>MD5 checks on BlobInputStream are skipped if data being downloaded is also being decrypted via client-side encryption, even if disableMd5Calculation is set to false. Previously this check would always fail as MD5 is calculated on cipher text on upload but was calculated on plaintext on download.</li> <li>Added a workaround to a JDK bug that would ignore connection timeouts on retries, causing hangs in some scenarios. This requires defaulting setting https keep-alive on all sockets. It can be disabled via BlobRequestOptions.</li> </ul> <p>2019.12.06 Version 8.6.0</p> <ul> <li>Added the skipDecode flag to the generate sas method on CloudBlob. This flag allows the customer to skip the url decode that happens by default on the string to sign right before signing. This resolves some problems with custom values for some of the query parameters when used with third party clients.</li> </ul> <p>2019.12.02 Version 8.5.0</p> <ul> <li>Support for HTTP proxy with Basic auth.</li> <li>Support for HTTP proxy with Digest auth.</li> <li>Added an option to SharedAccessHeaders that will allow the customer to preserve the raw value set on the object. Headers could previously be changed by an internal url decode that might modified the desired value.</li> </ul> <p>2019.08.05 Version 8.4.0</p> <ul> <li>Support for 2019-02-02 REST version. Please see our REST API documentation and blogs for information about the related added features.</li> <li>Added support for setting rehydrate priority for SetBlobTier and CopyBlob APIs.</li> <li>Added support for PutRangeFromURL API to writes bytes from one Azure File endpoint into the specified range of another Azure File endpoint.</li> <li>Added setDirectoryProperties, createPermission, and getPermission APIs to the File package.</li> <li>Added required headers for creatFile, createDirectory, setFileProperties, getFileProperties, getDirectoryProperties, getFile APIs.</li> <li>Updated getFileProperties, getDirectoryProperties, and getFile calls to update SMB properties.</li> <li>Added support for setting access tier for PutBlob/PutBlockList and CopyBlob APIs.</li> <li>Added support for batching blob operations. Currently the only batchable apis are deleteBlob and setBlobTier.</li> </ul> <p>2019.04.23 Version 8.3.0</p> <ul> <li>Fixed a bug in the range download to InputStream that would throw an exception if the source blob was empty.</li> <li>Added support for List/Close File Handles APIs.</li> </ul> <p>2019.04.05 Version 8.2.0</p> <ul> <li>Support for 2018-11-09 REST version. Please see our REST API documentation and blogs for information about the related added features.</li> <li>Added appendBlockFromURL method. A block may be created with another blob as its source.</li> <li>Added uploadPagesFromURL method. Pages may be written to with another blob as their source.</li> <li>Fixed a bug in which putBlockFromURI accessConditions were indicated as being on the destination when in actuality they only apply to the source.</li> <li>Added a method to get share stats in bytes.</li> <li>Support for snapshot-level shared access signature tokens on blobs.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Azure/azure-storage-java/commit/af5bd1db96a1b0be9be112566de4565582afd155";><code>af5bd1d</code></a> Merge pull request <a href="https://redirect.github.com/Azure/azure-storage-java/issues/558";>#558</a> from Azure/legacy-dev</li> <li><a href="https://github.com/Azure/azure-storage-java/commit/a82cc5352d4b28b5da37407a913615a830aed945";><code>a82cc53</code></a> Merge pull request <a href="https://redirect.github.com/Azure/azure-storage-java/issues/557";>#557</a> from rickle-msft/guavaUpgrade</li> <li><a href="https://github.com/Azure/azure-storage-java/commit/14bc81ddfd1467865cb8d9042f69152a0e403c56";><code>14bc81d</code></a> Removed creds</li> <li><a href="https://github.com/Azure/azure-storage-java/commit/8c6dd85f8e1c94e58096710cb58f537bbebc3024";><code>8c6dd85</code></a> Guava dependency upgrade by upgrading keyvault</li> <li><a href="https://github.com/Azure/azure-storage-java/commit/7a1f232fb3e99011dd9c5be0c6b434030f6c917e";><code>7a1f232</code></a> Merge pull request <a href="https://redirect.github.com/Azure/azure-storage-java/issues/549";>#549</a> from Azure/legacy-dev</li> <li><a href="https://github.com/Azure/azure-storage-java/commit/921b5ccf0ba6c974ed673e8659cd57b8d2e8dfec";><code>921b5cc</code></a> Merge pull request <a href="https://redirect.github.com/Azure/azure-storage-java/issues/548";>#548</a> from rickle-msft/8.6.5releasePrep</li> <li><a href="https://github.com/Azure/azure-storage-java/commit/6ca7a66b06d24c63b885ca073002de58eeb5769c";><code>6ca7a66</code></a> Release prep</li> <li><a href="https://github.com/Azure/azure-storage-java/commit/26947e47124999833cd16a741d3bd10fd01b42ed";><code>26947e4</code></a> Merge pull request <a href="https://redirect.github.com/Azure/azure-storage-java/issues/546";>#546</a> from ThomasMarquardt/legacy-dev</li> <li><a href="https://github.com/Azure/azure-storage-java/commit/15b176d95e8a437e2e58fd73b2501575ed605508";><code>15b176d</code></a> SAXParser concurrency bug fix.</li> <li><a href="https://github.com/Azure/azure-storage-java/commit/cdd966e824305c0333924da7e7c2592a808e0c4c";><code>cdd966e</code></a> Merge pull request <a href="https://redirect.github.com/Azure/azure-storage-java/issues/544";>#544</a> from Azure/legacy-dev</li> <li>Additional commits viewable in <a href="https://github.com/Azure/azure-storage-java/compare/v8.6.0...v8.6.6";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
