This is an automated email from the ASF dual-hosted git repository.
dongjoon pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/orc.git
The following commit(s) were added to refs/heads/main by this push:
new 6c5a9eee3 ORC-1888: Upgrade `protobuf-java` to 3.25.7
6c5a9eee3 is described below
commit 6c5a9eee371303643cd1ad50297a7f279c25882f
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Tue Apr 29 08:40:30 2025 -0700
ORC-1888: Upgrade `protobuf-java` to 3.25.7
Bumps
[com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf)
from 3.25.5 to 3.25.7.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/fff909ea5104ca2104898516511ee03ee4505078";><code>fff909e</code></a>
Updating version.json and repo version numbers to: 25.7</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/a4dc75f3e8505a497395443e99c76cfceb8c9d0d";><code>a4dc75f</code></a>
fix(php): do not throw deprecated warning on field getters for default
values...</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/2dac90d6459fd46c874af0bee6c277882eaa329a";><code>2dac90d</code></a>
Make rules_ruby a dev-only dependency. (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/20575";>#20575</a>)</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/5a56dd446528198081bd51339c390fb5d309ded3";><code>5a56dd4</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/20314";>#20314</a>
from protocolbuffers/update-ubuntu-25</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/96fca23a108d19f8baebb2f1e5d9efe995518c4c";><code>96fca23</code></a>
Update test_cpp.yml</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/8cc86751537bc698d4a6fe6ed6810ae86aed2bb9";><code>8cc8675</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/20292";>#20292</a>
from protocolbuffers/25.x-aarch64-cherry-pick</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/d4a4426b638210747483d04537425e224700aadf";><code>d4a4426</code></a>
Backport bumps to aarch64 runners</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/feb7a220cadb147fd44abcd0098ffa361e1fe5c7";><code>feb7a22</code></a>
Merge remote-tracking branch 'origin/25.x' into 25.x</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/a2e03a38297c25eab43a021cac442644edff1a99";><code>a2e03a3</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/20102";>#20102</a>
from protocolbuffers/25.x-202501242017</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/09e53069307265cd1405069924a5fe0ecfb46d6c";><code>09e5306</code></a>
Updating version.json and repo version numbers to: 25.7-dev</li>
<li>Additional commits viewable in <a
href="https://github.com/protocolbuffers/protobuf/compare/v3.25.5...v3.25.7";>compare
view</a></li>
</ul>
</details>
<br />
<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>
| Dependency Name | Ignore Conditions |
| --- | --- |
| com.google.protobuf:protobuf-java | [>= 4.a, < 5] |
</details>
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that
have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI
passes on it
- `dependabot cancel merge` will cancel a previously requested merge and
block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it.
You can achieve the same result by closing it manually
- `dependabot show <dependency name> ignore conditions` will show all of
the ignore conditions of the specified dependency
- `dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR or
upgrade to it yourself)
</details>
Closes #2203 from
dependabot[bot]/dependabot/maven/java/com.google.protobuf-protobuf-java-3.25.7.
Authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Dongjoon Hyun <[email protected]>
---
java/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/pom.xml b/java/pom.xml
index ee1b0b1d1..bccbaeb4d 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -79,7 +79,7 @@
<orc-format.version>1.1.0</orc-format.version>
<!-- Build Properties -->
<project.build.outputTimestamp>2025-01-05T19:25:27Z</project.build.outputTimestamp>
- <protobuf.version>3.25.5</protobuf.version>
+ <protobuf.version>3.25.7</protobuf.version>
<slf4j.version>2.0.17</slf4j.version>
<storage-api.version>2.8.1</storage-api.version>
<surefire.version>3.5.2</surefire.version>
