(pulsar) branch master updated: [improve][misc] Upgrade Apache Commons libraries and Apache Http components (#25963)

Mon, 08 Jun 2026 06:19:10 -0700 

This is an automated email from the ASF dual-hosted git repository.

lhotari pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git


The following commit(s) were added to refs/heads/master by this push:
     new b686e96ae87 [improve][misc] Upgrade Apache Commons libraries and 
Apache Http components (#25963)
b686e96ae87 is described below

commit b686e96ae873ad59855e44312ff936e856c855a4
Author: Lari Hotari <[email protected]>
AuthorDate: Mon Jun 8 16:18:11 2026 +0300

    [improve][misc] Upgrade Apache Commons libraries and Apache Http components 
(#25963)
---
 distribution/server/src/assemble/LICENSE.bin.txt | 14 +++++++-------
 distribution/shell/src/assemble/LICENSE.bin.txt  |  6 +++---
 gradle/libs.versions.toml                        | 14 +++++++-------
 3 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/distribution/server/src/assemble/LICENSE.bin.txt 
b/distribution/server/src/assemble/LICENSE.bin.txt
index edf92edd1c1..876413151d8 100644
--- a/distribution/server/src/assemble/LICENSE.bin.txt
+++ b/distribution/server/src/assemble/LICENSE.bin.txt
@@ -282,14 +282,14 @@ The Apache Software License, Version 2.0
  * Apache Commons
     - commons-beanutils-commons-beanutils-1.11.0.jar
     - commons-cli-commons-cli-1.11.0.jar
-    - commons-codec-commons-codec-1.20.0.jar
-    - commons-io-commons-io-2.21.0.jar
-    - commons-logging-commons-logging-1.3.5.jar
+    - commons-codec-commons-codec-1.22.0.jar
+    - commons-io-commons-io-2.22.0.jar
+    - commons-logging-commons-logging-1.3.6.jar
     - org.apache.commons-commons-collections4-4.5.0.jar
     - org.apache.commons-commons-compress-1.28.0.jar
-    - org.apache.commons-commons-configuration2-2.15.0.jar
+    - org.apache.commons-commons-configuration2-2.15.1.jar
     - org.apache.commons-commons-lang3-3.20.0.jar
-    - org.apache.commons-commons-text-1.14.0.jar
+    - org.apache.commons-commons-text-1.15.0.jar
  * Netty
     - io.netty-netty-buffer-4.1.135.Final.jar
     - io.netty-netty-codec-4.1.135.Final.jar
@@ -382,8 +382,8 @@ The Apache Software License, Version 2.0
     - org.apache.bookkeeper-native-io-4.17.3.jar
     - at.yawk.lz4-lz4-java-1.10.3.jar
   * Apache HTTP Client
-    - org.apache.httpcomponents-httpclient-4.5.13.jar
-    - org.apache.httpcomponents-httpcore-4.4.15.jar
+    - org.apache.httpcomponents-httpclient-4.5.14.jar
+    - org.apache.httpcomponents-httpcore-4.4.16.jar
  * AirCompressor
     - io.airlift-aircompressor-2.0.3.jar
  * AsyncHttpClient
diff --git a/distribution/shell/src/assemble/LICENSE.bin.txt 
b/distribution/shell/src/assemble/LICENSE.bin.txt
index f90a5d69350..13f74163326 100644
--- a/distribution/shell/src/assemble/LICENSE.bin.txt
+++ b/distribution/shell/src/assemble/LICENSE.bin.txt
@@ -339,10 +339,10 @@ The Apache Software License, Version 2.0
     - datasketches-java-7.0.1.jar
     - datasketches-memory-4.1.0.jar
  * Apache Commons
-    - commons-codec-1.20.0.jar
-    - commons-io-2.21.0.jar
+    - commons-codec-1.22.0.jar
+    - commons-io-2.22.0.jar
     - commons-lang3-3.20.0.jar
-    - commons-text-1.14.0.jar
+    - commons-text-1.15.0.jar
     - commons-compress-1.28.0.jar
  * Netty
     - netty-buffer-4.1.135.Final.jar
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index 870a763fc52..8fdd2dbf477 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -45,16 +45,16 @@ opentelemetry-instrumentation-alpha = "2.28.1-alpha"
 opentelemetry-semconv = "1.41.1"
 # Apache Commons
 commons-lang3 = "3.20.0"
-commons-io = "2.21.0"
-commons-codec = "1.20.0"
+commons-io = "2.22.0"
+commons-codec = "1.22.0"
 commons-compress = "1.28.0"
 commons-collections4 = "4.5.0"
 commons-cli = "1.11.0"
-commons-text = "1.14.0"
+commons-text = "1.15.0"
 commons-math3 = "3.6.1"
-commons-logging = "1.3.5"
+commons-logging = "1.3.6"
 commons-beanutils = "1.11.0"
-commons-configuration2 = "2.15.0"
+commons-configuration2 = "2.15.1"
 # BouncyCastle
 bouncycastle = "1.84"
 bouncycastle-bcpkix-fips = "2.0.11"
@@ -72,8 +72,8 @@ conscrypt = "2.5.2"
 okhttp3 = "5.3.2"
 okio = "3.17.0"
 netty-tcnative = "2.0.77.Final"
-httpcomponents-httpclient = "4.5.13"
-httpcomponents-httpcore = "4.4.15"
+httpcomponents-httpclient = "4.5.14"
+httpcomponents-httpcore = "4.4.16"
 # Google libraries (transitive deps, versions managed to match Maven)
 google-auth = "1.24.1"
 google-http-client = "1.41.0"

Reply via email to