This is an automated email from the ASF dual-hosted git repository.
dongjoon pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/orc.git
The following commit(s) were added to refs/heads/main by this push:
new 36c9a2656 ORC-2004: Upgrade `bouncycastle` to 1.82
36c9a2656 is described below
commit 36c9a2656e0f0b17c499fe587dc3b747c7a1ad35
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Thu Sep 25 15:30:06 2025 -0700
ORC-2004: Upgrade `bouncycastle` to 1.82
Bumps [org.bouncycastle:bcpkix-jdk18on](https://github.com/bcgit/bc-java)
from 1.81 to 1.82.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html";>org.bouncycastle:bcpkix-jdk18on's
changelog</a>.</em></p>
<blockquote>
<p>2.1.1 VersionRelease: 1.82Date: 2025, 17th September.</p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/bcgit/bc-java/commits";>compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that
have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI
passes on it
- `dependabot cancel merge` will cancel a previously requested merge and
block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it.
You can achieve the same result by closing it manually
- `dependabot show <dependency name> ignore conditions` will show all of
the ignore conditions of the specified dependency
- `dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR or
upgrade to it yourself)
</details>
Closes #2412 from
dependabot[bot]/dependabot/maven/java/org.bouncycastle-bcpkix-jdk18on-1.82.
Authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Dongjoon Hyun <[email protected]>
---
java/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/pom.xml b/java/pom.xml
index 28ac87a29..87bf18147 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -60,7 +60,7 @@
</modules>
<properties>
- <bouncycastle.version>1.81</bouncycastle.version>
+ <bouncycastle.version>1.82</bouncycastle.version>
<brotli4j.version>1.20.0</brotli4j.version>
<checkstyle.version>11.0.1</checkstyle.version>
<commons-cli.version>1.10.0</commons-cli.version>
