This is an automated email from the ASF dual-hosted git repository.
csy pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/orc.git
The following commit(s) were added to refs/heads/main by this push:
new 1b39072be ORC-1719: Bump `guava` to 33.2.0-jre
1b39072be is described below
commit 1b39072be292592528052e7299078651ff2bccba
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Wed May 22 14:05:49 2024 +0800
ORC-1719: Bump `guava` to 33.2.0-jre
Bumps [com.google.guava:guava](https://github.com/google/guava) from
33.1.0-jre to 33.2.0-jre.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/guava/releases";>com.google.guava:guava's
releases</a>.</em></p>
<blockquote>
<h2>33.2.0</h2>
<h3>Android users: Please test recent Guava versions</h3>
<p>If you know of Guava Android users who have not yet upgraded to at least
release <a
href="https://github.com/google/guava/releases/tag/v33.0.0";>33.0.0</a>, please
encourage them to upgrade, preferably to today's release, 33.2.0. These
releases have begun adding Java 8+ APIs to <code>guava-android</code>. While we
don't anticipate problems, we do anticipate that any unexpected problems could
force a disruptive rollback. To minimize any disruption, we'd like to catch any
such problem [...]
<p>Please <a
href="https://github.com/google/guava/issues/new?assignees=&labels=type%3Ddefect&projects=&template=bug_report.yaml";>let
us know of any problems you encounter</a>.</p>
<h3>Maven</h3>
<pre lang="xml"><code><dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>33.2.0-jre</version>
<!-- or, for Android: -->
<version>33.2.0-android</version>
</dependency>
</code></pre>
<h3>Jar files</h3>
<ul>
<li><a
href="https://repo1.maven.org/maven2/com/google/guava/guava/33.2.0-jre/guava-33.2.0-jre.jar";>33.2.0-jre.jar</a></li>
<li><a
href="https://repo1.maven.org/maven2/com/google/guava/guava/33.2.0-android/guava-33.2.0-android.jar";>33.2.0-android.jar</a></li>
</ul>
<p>Guava requires <a
href="https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies";>one
runtime dependency</a>, which you can download here:</p>
<ul>
<li><a
href="https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar";>failureaccess-1.0.1.jar</a></li>
</ul>
<h3>Javadoc</h3>
<ul>
<li><a
href="https://guava.dev/releases/33.2.0-jre/api/docs/";>33.2.0-jre</a></li>
<li><a
href="https://guava.dev/releases/33.2.0-android/api/docs/";>33.2.0-android</a></li>
</ul>
<h3>JDiff</h3>
<ul>
<li><a href="https://guava.dev/releases/33.2.0-jre/api/diffs/";>33.2.0-jre
vs. 33.1.0-jre</a></li>
<li><a
href="https://guava.dev/releases/33.2.0-android/api/diffs/";>33.2.0-android vs.
33.1.0-android</a></li>
<li><a
href="https://guava.dev/releases/33.2.0-android/api/androiddiffs/";>33.2.0-android
vs. 33.2.0-jre</a></li>
</ul>
<h3>Changelog</h3>
<ul>
<li>Dropped testing for Android versions before Lollipop (API Level 21).
Guava may stop working under older versions in the future, or it may have done
so already.</li>
<li>Fixed <a href="https://redirect.github.com/google/guava/issues/7134";>a
GWT compilation breakage under Gradle</a>. (858caf425c)</li>
<li><code>collect</code>: Made our <code>Collector</code> APIs (e.g.,
<code>ImmutableList.toImmutableList()</code>) available in
<code>guava-android</code>. More <a
href="https://redirect.github.com/google/guava/issues/6567";>Java 8 APIs</a>
will follow in future releases. (96fca0b747)
<ul>
<li>As always, streams are available to Android code only when that code <a
href="https://developer.android.com/studio/write/java8-support#library-desugaring";>enables
library desugaring</a> or targets a new enough API Level (<a
href="https://developer.android.com/reference/java/util/stream/Stream";>24
(Nougat)</a> for many stream APIs). (But note that we test only with library
desugaring, so we don't <a
href="https://redirect.github.com/google/guava/issues/7197";>currently</a> know
if A [...]
</ul>
</li>
<li><code>collect</code>: Fixed a potential
<code>NullPointerException</code> in <code>ImmutableMap.Builder</code> on a
rare code path. (70a98115d8)</li>
<li><code>net</code>: Added <code>HttpHeaders</code> constants
<code>Ad-Auction-Allowed</code>, <code>Permissions-Policy-Report-Only</code>,
and <code>Sec-GPC</code>. (7dc01ed27b, 41d0d9a833,
38c8017bd44b7919b112f1c99f3d8ce4b058ae5d)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/google/guava/commits";>compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that
have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI
passes on it
- `dependabot cancel merge` will cancel a previously requested merge and
block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it.
You can achieve the same result by closing it manually
- `dependabot show <dependency name> ignore conditions` will show all of
the ignore conditions of the specified dependency
- `dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR or
upgrade to it yourself)
</details>
Closes #1934 from
dependabot[bot]/dependabot/maven/java/com.google.guava-guava-33.2.0-jre.
Authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Shaoyun Chen <[email protected]>
---
java/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/pom.xml b/java/pom.xml
index f5ad17098..d9f430fad 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -221,7 +221,7 @@
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
- <version>33.1.0-jre</version>
+ <version>33.2.0-jre</version>
<scope>test</scope>
</dependency>
<dependency>
