dependabot[bot] opened a new pull request, #1650: URL: https://github.com/apache/cxf/pull/1650
Bumps [io.zipkin.reporter2:zipkin-sender-okhttp3](https://github.com/openzipkin/zipkin-reporter-java) from 2.17.1 to 3.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/openzipkin/zipkin-reporter-java/releases";>io.zipkin.reporter2:zipkin-sender-okhttp3's releases</a>.</em></p> <blockquote> <p>Zipkin Reporter 3.1 adds custom encoding (non-JSON) support for zipkin-reporter-brave's <code>AsyncZipkinSpanHandler</code>.</p> <p>This was first used in <a href="https://github.com/openzipkin/zipkin-gcp/tree/master/encoder-stackdriver-brave";>encoder-stackdriver-brave)</a> to allow traced apps to send spans to stackdriver without a zipkin core jar dependency</p> <pre lang="java"><code>spanHandler = AsyncZipkinSpanHandler.newBuilder(sender).build(new StackdriverV2Encoder(Tags.ERROR)); </code></pre> <p><strong>Full Changelog</strong>: <a href="https://github.com/openzipkin/zipkin-reporter-java/compare/3.0.1...3.1.1";>https://github.com/openzipkin/zipkin-reporter-java/compare/3.0.1...3.1.1</a></p> <p>Zipkin Reporter 3.0.1 fixes a problem where classpath scanners such as spring would trigger a <code>zipkin2.Span</code> class load on <code>AsyncZipkinSpanHandler</code> in <a href="https://central.sonatype.com/artifact/io.zipkin.reporter2/zipkin-reporter-brave";>zipkin-reporter-brave</a>, which intentionally has no dependency on that.</p> <p>Zipkin Reporter 3.0.0 makes the <a href="https://central.sonatype.com/search?q=io.zipkin.zipkin2%3Azipkin";>io.zipkin.zipkin2:zipkin</a> dependency of <a href="https://search.maven.org/search?q=g:io.zipkin.reporter2%20AND%20a:zipkin-reporter-brave";>io.zipkin.reporter2:zipkin-reporter-brave</a> optional. This means those using the <code>AsyncZipkinSpanHandler</code> will have no dependencies except any sender they configure. In particular, this allows those using Brave for things besides zipkin (e.g. wavefront) to avoid a dependency. Also, those sending spans zipkin have simpler dependency configuration and save a couple hundred KB, as well.</p> <p>Those using types from the core <a href="https://search.maven.org/search?q=g:io.zipkin.reporter2%20AND%20a:zipkin-reporter";>io.zipkin.reporter2:zipkin-reporter</a> artifact should depend on this directly, possibly using <a href="https://github.com/openzipkin/zipkin-reporter-java#version-alignments";>our bom</a> to align deps. <code>io.zipkin.reporter2:zipkin-reporter</code> still defaults to depend on <code>io.zipkin.zipkin2:zipkin</code>, but it can be excluded if you know what you are doing.</p> <p>Technically, some base classes to accommodate this, but they don't have affect on call sites except those implementing a custom <code>Reporter</code> or <code>Sender</code>. Due to these type changes, this is a major version change. However, must users will have a drop-in experience, except possibly dependency configuration changes.</p> <p>Thanks a lot to <a href="https://github.com/anuraaga";><code>@anuraaga</code></a> and <a href="https://github.com/reta";><code>@reta</code></a> who helped think through this!</p> <h2>Zipkin Reporter 2.17.2</h2> <p>Zipkin Reporter v2.17.2 fixes a bug where the jars that should be at Java 1.6 or 1.7 bytecode were not.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/openzipkin/zipkin-reporter-java/compare/2.17.0..2.17.2";>https://github.com/openzipkin/zipkin-reporter-java/compare/2.17.0..2.17.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/openzipkin/zipkin-reporter-java/commit/457009d3ca9e66e3202979732309ae98cf755588";><code>457009d</code></a> [maven-release-plugin] prepare release 3.2.1</li> <li><a href="https://github.com/openzipkin/zipkin-reporter-java/commit/6e992f9bd8c3ac3d58aebfd7ba527ee32dc0d028";><code>6e992f9</code></a> Adds deprecated functions for old Sender (<a href="https://redirect.github.com/openzipkin/zipkin-reporter-java/issues/246";>#246</a>)</li> <li><a href="https://github.com/openzipkin/zipkin-reporter-java/commit/ee8c0f105021e1f421d4104550adb145c8b3a51b";><code>ee8c0f1</code></a> [maven-release-plugin] prepare for next development iteration</li> <li><a href="https://github.com/openzipkin/zipkin-reporter-java/commit/e772cee253af0e577dfd993bf5cdb98975671da0";><code>e772cee</code></a> [maven-release-plugin] prepare release 3.2.0</li> <li><a href="https://github.com/openzipkin/zipkin-reporter-java/commit/22b0e371f80c8028568c09915461d5c2fe84a2e9";><code>22b0e37</code></a> Deprecates Sender for much simpler BytesMessageSender (<a href="https://redirect.github.com/openzipkin/zipkin-reporter-java/issues/244";>#244</a>)</li> <li><a href="https://github.com/openzipkin/zipkin-reporter-java/commit/2dbac71bea72aa214cdba1a8f0c86a2eb5f0a272";><code>2dbac71</code></a> docker: polishes integration tests (<a href="https://redirect.github.com/openzipkin/zipkin-reporter-java/issues/243";>#243</a>)</li> <li><a href="https://github.com/openzipkin/zipkin-reporter-java/commit/d97c01453ec743eecb3d10c0d0beaa1a2c3da8df";><code>d97c014</code></a> bumps to brave 6 and warns about zipkin dep version (<a href="https://redirect.github.com/openzipkin/zipkin-reporter-java/issues/242";>#242</a>)</li> <li><a href="https://github.com/openzipkin/zipkin-reporter-java/commit/35db29bcc9b40102c62843e0930ea46f2a037354";><code>35db29b</code></a> [maven-release-plugin] prepare for next development iteration</li> <li><a href="https://github.com/openzipkin/zipkin-reporter-java/commit/9508452041d55a9717cb18b4f7ad8ae88d56288e";><code>9508452</code></a> [maven-release-plugin] prepare release 3.1.1</li> <li><a href="https://github.com/openzipkin/zipkin-reporter-java/commit/9c666c4156e24aa3a4db198946d2f5edba46065e";><code>9c666c4</code></a> ci: deploys bom separately to allow re-do on partial failure (<a href="https://redirect.github.com/openzipkin/zipkin-reporter-java/issues/241";>#241</a>)</li> <li>Additional commits viewable in <a href="https://github.com/openzipkin/zipkin-reporter-java/compare/2.17.1...3.2.1";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
