(orc) branch branch-1.9 updated: ORC-1562: Bump `com.google.guava:guava` to 33.0.0-jre

dongjoon Tue, 02 Jan 2024 10:39:15 -0800

This is an automated email from the ASF dual-hosted git repository.

dongjoon pushed a commit to branch branch-1.9
in repository https://gitbox.apache.org/repos/asf/orc.git



The following commit(s) were added to refs/heads/branch-1.9 by this push:
     new 7ce23ccde ORC-1562: Bump `com.google.guava:guava` to 33.0.0-jre
7ce23ccde is described below

commit 7ce23ccdeb04c39daf68520ab51f05341d4a00c5
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Mon Dec 25 15:06:44 2023 -0800

    ORC-1562: Bump `com.google.guava:guava` to 33.0.0-jre
    
    Bumps [com.google.guava:guava](https://github.com/google/guava) from 
32.1.3-jre to 33.0.0-jre.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a 
href="https://github.com/google/guava/releases";>com.google.guava:guava's 
releases</a>.</em></p>
    <blockquote>
    <h2>33.0.0</h2>
    <h3>Maven</h3>
    <pre lang="xml"><code>&lt;dependency&gt;
      &lt;groupId&gt;com.google.guava&lt;/groupId&gt;
      &lt;artifactId&gt;guava&lt;/artifactId&gt;
      &lt;version&gt;33.0.0-jre&lt;/version&gt;
      &lt;!-- or, for Android: --&gt;
      &lt;version&gt;33.0.0-android&lt;/version&gt;
    &lt;/dependency&gt;
    </code></pre>
    <h3>Jar files</h3>
    <ul>
    <li><a 
href="https://repo1.maven.org/maven2/com/google/guava/guava/33.0.0-jre/guava-33.0.0-jre.jar";>33.0.0-jre.jar</a></li>
    <li><a 
href="https://repo1.maven.org/maven2/com/google/guava/guava/33.0.0-android/guava-33.0.0-android.jar";>33.0.0-android.jar</a></li>
    </ul>
    <p>Guava requires <a 
href="https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies";>one
 runtime dependency</a>, which you can download here:</p>
    <ul>
    <li><a 
href="https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar";>failureaccess-1.0.1.jar</a></li>
    </ul>
    <h3>Javadoc</h3>
    <ul>
    <li><a 
href="http://guava.dev/releases/33.0.0-jre/api/docs/";>33.0.0-jre</a></li>
    <li><a 
href="http://guava.dev/releases/33.0.0-android/api/docs/";>33.0.0-android</a></li>
    </ul>
    <h3>JDiff</h3>
    <ul>
    <li><a href="http://guava.dev/releases/33.0.0-jre/api/diffs/";>33.0.0-jre 
vs. 32.1.3-jre</a></li>
    <li><a 
href="http://guava.dev/releases/33.0.0-android/api/diffs/";>33.0.0-android vs. 
32.1.3-android</a></li>
    <li><a 
href="http://guava.dev/releases/33.0.0-android/api/androiddiffs/";>33.0.0-android
 vs. 33.0.0-jre</a></li>
    </ul>
    <h3>Changelog</h3>
    <ul>
    <li>This version of <code>guava-android</code> contains some 
package-private methods whose signature includes the Java 8 
<code>Collector</code> API. This is a test to identify any problems before we 
expose those methods publicly to users. Please report any problems that you 
encounter. (73dbf7ef26)</li>
    <li>Changed various classes to catch <code>Exception</code> instead of 
<code>RuntimeException</code> even when only <code>RuntimeException</code> is 
theoretically possible. This can help code that throws undeclared exceptions, 
as some bytecode rewriters (e.g., Robolectric) and languages (e.g., Kotlin) do. 
(c294c23760, 747924e, b2baf48)</li>
    <li>Added an <code>Automatic-Module-Name</code> to 
<code>failureaccess</code>, <a 
href="https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies";>Guava's
 one strong runtime dependency</a>. (280b5d2f60)</li>
    <li><code>reflect</code>: In <code>guava-android</code> only, removed 
<code>Invokable.getAnnotatedReturnType()</code> and 
<code>Parameter.getAnnotatedType()</code>. These methods never worked in an 
Android VM, and to reflect that, they were born <code>Deprecated</code>, 
<code>Beta</code>, and <code>DoNotCall</code>. They're now preventing us from 
rolling out some new Android compatibility testing. This is <strong>the only 
binary-incompatible change in this release</strong>, and it sho [...]
    <li><code>util.concurrent</code>: Changed our implementations to avoid 
eagerly initializing loggers during class loading. This can help performance, 
especially under Android. (4fe1df56bd)</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li>See full diff in <a 
href="https://github.com/google/guava/commits";>compare view</a></li>
    </ul>
    </details>
    <br />
    
    [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.google.guava:guava&package-manager=maven&previous-version=32.1.3-jre&new-version=33.0.0-jre)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `dependabot rebase` will rebase this PR
    - `dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
    - `dependabot merge` will merge this PR after your CI passes on it
    - `dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
    - `dependabot cancel merge` will cancel a previously requested merge and 
block automerging
    - `dependabot reopen` will reopen this PR if it is closed
    - `dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
    - `dependabot show <dependency name> ignore conditions` will show all of 
the ignore conditions of the specified dependency
    - `dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
    - `dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
    - `dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
    
    </details>
    
    Closes #1707 from 
dependabot[bot]/dependabot/maven/java/com.google.guava-guava-33.0.0-jre.
    
    Authored-by: dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
    Signed-off-by: Dongjoon Hyun <[email protected]>
    (cherry picked from commit c268bc5065099b5bd18e0ddb8022b29e8316c962)
    Signed-off-by: Dongjoon Hyun <[email protected]>
---
 java/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/pom.xml b/java/pom.xml
index e00883afe..78eeb7555 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -403,7 +403,7 @@
       <dependency>
         <groupId>com.google.guava</groupId>
         <artifactId>guava</artifactId>
-        <version>31.1-jre</version>
+        <version>33.0.0-jre</version>
         <scope>test</scope>
       </dependency>
       <dependency>

(orc) branch branch-1.9 updated: ORC-1562: Bump `com.google.guava:guava` to 33.0.0-jre

Reply via email to