This is an automated email from the ASF dual-hosted git repository.
csy pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/orc.git
The following commit(s) were added to refs/heads/main by this push:
new 90b374003 ORC-1821: Upgrade `guava` to 33.4.0-jre
90b374003 is described below
commit 90b374003362d2a19f2127838892a59a9658205e
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Fri Dec 27 11:25:09 2024 +0800
ORC-1821: Upgrade `guava` to 33.4.0-jre
Bumps [com.google.guava:guava](https://github.com/google/guava) from
33.3.1-jre to 33.4.0-jre.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/guava/releases";>com.google.guava:guava's
releases</a>.</em></p>
<blockquote>
<h2>33.4.0</h2>
<h3>Maven</h3>
<pre lang="xml"><code><dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>33.4.0-jre</version>
<!-- or, for Android: -->
<version>33.4.0-android</version>
</dependency>
</code></pre>
<h3>Jar files</h3>
<ul>
<li><a
href="https://repo1.maven.org/maven2/com/google/guava/guava/33.4.0-jre/guava-33.4.0-jre.jar";>33.4.0-jre.jar</a></li>
<li><a
href="https://repo1.maven.org/maven2/com/google/guava/guava/33.4.0-android/guava-33.4.0-android.jar";>33.4.0-android.jar</a></li>
</ul>
<p>Guava requires <a
href="https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies";>one
runtime dependency</a>, which you can download here:</p>
<ul>
<li><a
href="https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar";>failureaccess-1.0.1.jar</a></li>
</ul>
<h3>Javadoc</h3>
<ul>
<li><a
href="https://guava.dev/releases/33.4.0-jre/api/docs/";>33.4.0-jre</a></li>
<li><a
href="https://guava.dev/releases/33.4.0-android/api/docs/";>33.4.0-android</a></li>
</ul>
<h3>JDiff</h3>
<ul>
<li><a href="https://guava.dev/releases/33.4.0-jre/api/diffs/";>33.4.0-jre
vs. 33.3.1-jre</a></li>
<li><a
href="https://guava.dev/releases/33.4.0-android/api/diffs/";>33.4.0-android vs.
33.3.1-android</a></li>
<li><a
href="https://guava.dev/releases/33.4.0-android/api/androiddiffs/";>33.4.0-android
vs. 33.4.0-jre</a></li>
</ul>
<h3>Changelog</h3>
<ul>
<li>Exposed additional Java 8 APIs to Android users. (6082782134,
9b0109c662, 6ace8bc8ea, b650b9fe77, c6c268006c, 984f713d76, f9f3fffb87,
cdc225474e)</li>
<li><code>base</code>: Deprecated <code>Charsets</code> constants in favor
of <code>StandardCharsets</code>. We will not remove the constants, but we
recommend using <code>StandardCharsets</code> for consistency. (45e6be2688)</li>
<li><code>base</code>: Added <code>ToStringHelper.omitEmptyValues()</code>.
(f5ec2ab85c)</li>
<li><code>collect</code>: Added an optimized <code>copyOf</code> method to
<code>TreeRangeMap</code>. (a46565dd1c)</li>
<li><code>collect.testing</code>: Fixed <code>Require</code> annotations so
that features implied by absent features are not also required to be absent.
(81be061f85)</li>
<li><code>io</code>: Changed <code>ByteSink</code> and
<code>CharSink</code> to no longer call <code>flush()</code> in some cases
before <code>close()</code>. This is a no-op for well-behaved streams, which
internally flush their data as part of closing. However, we have discovered
some stream implementations that have overridden <code>close()</code> to do
nothing, including not to flush some buffered data. If this change causes
problems, the simplest fix is usually to change the <cod [...]
<li><code>net</code>: Added <code>HttpHeaders.ALT_SVC</code> and
<code>MediaType.CBOR</code>. (503ba429f9, 7c0bf0892d)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/google/guava/commits";>compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that
have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI
passes on it
- `dependabot cancel merge` will cancel a previously requested merge and
block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it.
You can achieve the same result by closing it manually
- `dependabot show <dependency name> ignore conditions` will show all of
the ignore conditions of the specified dependency
- `dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR or
upgrade to it yourself)
</details>
Closes #2093 from
dependabot[bot]/dependabot/maven/java/com.google.guava-guava-33.4.0-jre.
Authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Shaoyun Chen <[email protected]>
---
java/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/pom.xml b/java/pom.xml
index 12cd465ba..4fbe53793 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -221,7 +221,7 @@
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
- <version>33.3.1-jre</version>
+ <version>33.4.0-jre</version>
<scope>test</scope>
</dependency>
<dependency>
