Skip to content

Bump the maven group across 8 directories with 10 updates#203

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/maven/it/google-cloud-platform/maven-e7682b5493
Open

Bump the maven group across 8 directories with 10 updates#203
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/maven/it/google-cloud-platform/maven-e7682b5493

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github May 6, 2025

Bumps the maven group with 1 update in the /it/google-cloud-platform directory: org.apache.parquet:parquet-avro.
Bumps the maven group with 4 updates in the /plugins/templates-maven-plugin directory: org.apache.maven:maven-plugin-api, org.apache.maven:maven-core, org.apache.maven:maven-artifact and org.apache.maven:maven-compat.
Bumps the maven group with 1 update in the /structured-logging directory: ch.qos.logback:logback-core.
Bumps the maven group with 2 updates in the /v1 directory: org.apache.derby:derby and org.springframework:spring-expression.
Bumps the maven group with 1 update in the /v2/cdc-parent directory: org.apache.commons:commons-configuration2.
Bumps the maven group with 1 update in the /v2/cdc-parent/cdc-embedded-connector directory: org.apache.commons:commons-configuration2.
Bumps the maven group with 1 update in the /v2/googlecloud-to-neo4j directory: org.yaml:snakeyaml.
Bumps the maven group with 1 update in the /v2/sourcedb-to-spanner directory: org.apache.derby:derby.

Updates org.apache.parquet:parquet-avro from 1.13.1 to 1.15.2

Release notes

Sourced from org.apache.parquet:parquet-avro's releases.

Apache Parquet Java 1.15.2

What's Changed

Full Changelog: apache/parquet-java@apache-parquet-1.15.1...apache-parquet-1.15.2-rc0

Apache Parquet Java 1.15.1

What's Changed

Full Changelog: apache/parquet-java@apache-parquet-1.15.0...apache-parquet-1.15.1

Apache Parquet 1.15.0

What's Changed

... (truncated)

Changelog

Sourced from org.apache.parquet:parquet-avro's changelog.

Parquet

From 1.14.2 onwards, the Parquet project has migrated from Jira to GitHub, and the changelogs are now published under Releases.

Version 1.14.1

Release Notes - Parquet - Version 1.14.1

Bug

  • PARQUET-2468 - ParquetMetadata.toPrettyJSON throws exception on file read when LOG.isDebugEnabled()
  • PARQUET-2498 - Hadoop vector IO API doesn't handle empty list of ranges

Version 1.14.0

Release Notes - Parquet - Version 1.14.0

Bug

  • PARQUET-2260 - Bloom filter bytes size shouldn't be larger than maxBytes size in the configuration
  • PARQUET-2266 - Fix support for files without ColumnIndexes
  • PARQUET-2276 - ParquetReader reads do not work with Hadoop version 2.8.5
  • PARQUET-2300 - Update jackson-core 2.13.4 to a version without CVE PRISMA-2023-0067
  • PARQUET-2325 - Fix parquet-cli's dictionary subcommand to work with FIXED_LEN_BYTE_ARRAY
  • PARQUET-2329 - Fix wrong help messages of parquet-cli subcommands
  • PARQUET-2330 - Fix convert-csv to show the correct position of the invalid record
  • PARQUET-2332 - Fix unexpectedly disabled tests to be executed
  • PARQUET-2336 - Add caching key to CodecFactory
  • PARQUET-2342 - Parquet writer produced a corrupted file due to page value count overflow
  • PARQUET-2343 - Fixes NPE when rewriting file with multiple rowgroups
  • PARQUET-2348 - Recompression/Re-encrypt should rewrite bloomfilter

... (truncated)

Commits
  • 859eac1 [maven-release-plugin] prepare release apache-parquet-1.15.2-rc0
  • 2fef79b GH-3198: Allow specifying trusted classes by class name (#3199)
  • aedfbbc Fix snapshot version of parquet-plugins
  • fe532b5 Prepare for next development iteration
  • e7ecd8a [maven-release-plugin] prepare for next development iteration
  • c7257b8 [maven-release-plugin] prepare release apache-parquet-1.15.1-rc0
  • 8e70eea GH-3168: Restrict trusted packages in the parquet-avro module (#3169)
  • 9d6e19f GH-3172: Do not drop blocks with some null values if DictionaryFilter is ap...
  • a19e985 GH-3133: Fix SizeStatistics to handle omitted histogram (#3135)
  • de3c2d0 Prepare for next development iteration
  • Additional commits viewable in compare view

Updates org.apache.maven:maven-plugin-api from 3.6.3 to 3.9.9

Release notes

Sourced from org.apache.maven:maven-plugin-api's releases.

3.9.9

Release Notes - Maven - Version 3.9.9

What's Changed

... (truncated)

Commits
  • 8e8579a [maven-release-plugin] prepare release maven-3.9.9
  • 7185b0a [MNG-8165] Get rid of bashism creeped in (#1653)
  • ba05e6a [maven-release-plugin] prepare for next development iteration
  • 476642f [maven-release-plugin] prepare release maven-3.9.9
  • 274f1e3 [MNG-8165] Align mvn.sh script with mvn.cmd (#1647)
  • 1a787b0 [MNG-8188] Profile properties are not interpolated (#1634)
  • ecd577b [MNG-8177] Add contextual info for model warnings (#1633)
  • 42fc90e [MNG-8206] Remove bad plugin.xml in maven-compat (#1646)
  • 38a128f [MNG-8180] Back out from failing the build (#1642)
  • f2135c1 [MNG-8180] Handle NPE due non-existent tags (#1641)
  • Additional commits viewable in compare view

Updates org.apache.maven:maven-core from 3.6.3 to 3.9.9

Updates org.apache.maven:maven-artifact from 3.6.3 to 3.9.9

Updates org.apache.maven:maven-compat from 3.6.3 to 3.9.9

Release notes

Sourced from org.apache.maven:maven-compat's releases.

3.9.9

Release Notes - Maven - Version 3.9.9

What's Changed

... (truncated)

Commits
  • 8e8579a [maven-release-plugin] prepare release maven-3.9.9
  • 7185b0a [MNG-8165] Get rid of bashism creeped in (#1653)
  • ba05e6a [maven-release-plugin] prepare for next development iteration
  • 476642f [maven-release-plugin] prepare release maven-3.9.9
  • 274f1e3 [MNG-8165] Align mvn.sh script with mvn.cmd (#1647)
  • 1a787b0 [MNG-8188] Profile properties are not interpolated (#1634)
  • ecd577b [MNG-8177] Add contextual info for model warnings (#1633)
  • 42fc90e [MNG-8206] Remove bad plugin.xml in maven-compat (#1646)
  • 38a128f [MNG-8180] Back out from failing the build (#1642)
  • f2135c1 [MNG-8180] Handle NPE due non-existent tags (#1641)
  • Additional commits viewable in compare view

Updates org.apache.maven:maven-compat from 3.6.3 to 3.9.9

Release notes

Sourced from org.apache.maven:maven-compat's releases.

3.9.9

Release Notes - Maven - Version 3.9.9

What's Changed

... (truncated)

Commits
  • 8e8579a [maven-release-plugin] prepare release maven-3.9.9
  • 7185b0a [MNG-8165] Get rid of bashism creeped in (#1653)
  • ba05e6a [maven-release-plugin] prepare for next development iteration
  • 476642f [maven-release-plugin] prepare release maven-3.9.9
  • 274f1e3 [MNG-8165] Align mvn.sh script with mvn.cmd (#1647)
  • 1a787b0 [MNG-8188] Profile properties are not interpolated (#1634)
  • ecd577b [MNG-8177] Add contextual info for model warnings (#1633)
  • 42fc90e [MNG-8206] Remove bad plugin.xml in maven-compat (#1646)
  • 38a128f [MNG-8180] Back out from failing the build (#1642)
  • f2135c1 [MNG-8180] Handle NPE due non-existent tags (#1641)
  • Additional commits viewable in compare view

Updates ch.qos.logback:logback-core from 1.4.14 to 1.5.13

Commits
  • 32638aa prepare release 1.5.13
  • 0056a9c CORE_POOL_SIZE set to 4
  • 2cb6d52 remove JaninoEventEvaluator
  • 5f05041 prevent Server-Side Request Forgery (SSRF) attacks by ignoring external DTD f...
  • 6ddf918 remove StaxEventRecorder
  • 54cbd3f fix reproducibility issues with the /maven-bundle-plugin. See https://maven.a...
  • 433e168 ThreadPoolExecutor now uses LinkedBlockingQueue instead of SynchronousQueue. ...
  • 69ce513 minor rewording
  • 78516e7 minor refactoring
  • 9f2de61 added info status statement regarding logging on the console
  • Additional commits viewable in compare view

Updates org.apache.derby:derby from 10.14.2.0 to 10.17.1.0

Updates org.springframework:spring-expression from 5.2.22.RELEASE to 5.3.39

Release notes

Sourced from org.springframework:spring-expression's releases.

v5.3.39

⭐ New Features

  • SimpleEvaluationContext should disable array allocation #33386

v5.3.38

⭐ New Features

  • Efficient handling of conditional HTTP requests #33378

🐞 Bug Fixes

  • Fix incorrect weak ETag validation #33377
  • SimpleEvaluationContext does not enforce read-only semantics #33320
  • ConversionService cannot convert primitive array to Object[] #33314
  • SpEL Indexer silently ignores failure to set property as index #33312
  • Mockito mock falsely initialized as CGLIB proxy with AspectJ aspect #33142
  • "file:." cannot be resolved to java.nio.file.Path (and plain "." value resolves to classpath root) #33140

📔 Documentation

  • Typo in Annotation-driven Listener Endpoints section of Spring Framework documentation #33052
  • Container Extension Points section of Spring Framework documentation refers to the wrong property name #33039
  • Incorrect constructor details in the javadoc for ApplicationContextEvent #33034

🔨 Dependency Upgrades

  • Upgrade to Reactor 2020.0.47 #33322

v5.3.37

⭐ New Features

  • AnnotationUtils performance degrades with deep stacks #32923

🐞 Bug Fixes

  • AspectJ CTW aspects executed twice #32974
  • SpEL compilation fails when indexing into a Map with a primitive #32911
  • SpEL compilation fails when indexing into an array or list with an Integer #32909
  • Application not starting with @EnableTransactionManagement(mode = AdviceMode.ASPECTJ) #32885

🔨 Dependency Upgrades

  • Upgrade to Reactor 2020.0.45 #33010

v5.3.36

🐞 Bug Fixes

  • Overridden aspect method runs twice #32868
  • @DateTimeFormat(iso = DateTimeFormat.ISO.DATE\_TIME) cannot convert UTC without milliseconds to java.util.Date #32860

... (truncated)

Commits
  • f1b128b Release v5.3.39
  • 8a44eaa Next development version (v5.3.39-SNAPSHOT)
  • f44d13c Disable array allocation in case of no constructor resolution
  • f00bc7b Remove snapshot repo
  • 582bfcc Efficient ETag parsing
  • 406b33d Upgrade to Netty 4.1.112
  • f9c3d00 Introduce withAssignmentDisabled() option for SimpleEvaluationContext
  • d2715d2 Fix incorrect weak ETag assertion
  • 57b02da Upgrade to Reactor 2020.0.47
  • df33bf2 Sync GHA setup
  • Additional commits viewable in compare view

Updates org.apache.commons:commons-configuration2 from 2.8.0 to 2.10.1

Updates org.apache.commons:commons-configuration2 from 2.8.0 to 2.10.1

Updates org.yaml:snakeyaml from 1.33 to 2.0

Commits
  • c98ffba issue 561: add negative test case
  • e2ca740 Use Maven wrapper on github
  • 49d91a1 Fix target for github
  • 19e331d Disable toolchain for github
  • 42c7812 Cobertura plugin does not work
  • 03c82b5 Rename GlobalTagRejectionTest to be run by Maven
  • 6e8cd89 Remove cobertura
  • d9b0f48 Improve Javadoc
  • 519791a Run install and site goals under docker
  • 82f33d2 Merge branch 'master' into add-module-info
  • Additional commits viewable in compare view

Updates org.apache.derby:derby from 10.14.2.0 to 10.17.1.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the maven group across 8 directories with 10 updates
32e8117 
Bumps the maven group with 1 update in the /it/google-cloud-platform directory: [org.apache.parquet:parquet-avro](https://github.com/apache/parquet-mr).
Bumps the maven group with 4 updates in the /plugins/templates-maven-plugin directory: [org.apache.maven:maven-plugin-api](https://github.com/apache/maven), org.apache.maven:maven-core, org.apache.maven:maven-artifact and [org.apache.maven:maven-compat](https://github.com/apache/maven).
Bumps the maven group with 1 update in the /structured-logging directory: [ch.qos.logback:logback-core](https://github.com/qos-ch/logback).
Bumps the maven group with 2 updates in the /v1 directory: org.apache.derby:derby and [org.springframework:spring-expression](https://github.com/spring-projects/spring-framework).
Bumps the maven group with 1 update in the /v2/cdc-parent directory: org.apache.commons:commons-configuration2.
Bumps the maven group with 1 update in the /v2/cdc-parent/cdc-embedded-connector directory: org.apache.commons:commons-configuration2.
Bumps the maven group with 1 update in the /v2/googlecloud-to-neo4j directory: [org.yaml:snakeyaml](https://bitbucket.org/snakeyaml/snakeyaml).
Bumps the maven group with 1 update in the /v2/sourcedb-to-spanner directory: org.apache.derby:derby.


Updates `org.apache.parquet:parquet-avro` from 1.13.1 to 1.15.2
- [Release notes](https://github.com/apache/parquet-mr/releases)
- [Changelog](https://github.com/apache/parquet-java/blob/master/CHANGES.md)
- [Commits](apache/parquet-java@apache-parquet-1.13.1...apache-parquet-1.15.2)

Updates `org.apache.maven:maven-plugin-api` from 3.6.3 to 3.9.9
- [Release notes](https://github.com/apache/maven/releases)
- [Commits](apache/maven@maven-3.6.3...maven-3.9.9)

Updates `org.apache.maven:maven-core` from 3.6.3 to 3.9.9

Updates `org.apache.maven:maven-artifact` from 3.6.3 to 3.9.9

Updates `org.apache.maven:maven-compat` from 3.6.3 to 3.9.9
- [Release notes](https://github.com/apache/maven/releases)
- [Commits](apache/maven@maven-3.6.3...maven-3.9.9)

Updates `org.apache.maven:maven-compat` from 3.6.3 to 3.9.9
- [Release notes](https://github.com/apache/maven/releases)
- [Commits](apache/maven@maven-3.6.3...maven-3.9.9)

Updates `ch.qos.logback:logback-core` from 1.4.14 to 1.5.13
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.4.14...v_1.5.13)

Updates `org.apache.derby:derby` from 10.14.2.0 to 10.17.1.0

Updates `org.springframework:spring-expression` from 5.2.22.RELEASE to 5.3.39
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v5.2.22.RELEASE...v5.3.39)

Updates `org.apache.commons:commons-configuration2` from 2.8.0 to 2.10.1

Updates `org.apache.commons:commons-configuration2` from 2.8.0 to 2.10.1

Updates `org.yaml:snakeyaml` from 1.33 to 2.0
- [Commits](https://bitbucket.org/snakeyaml/snakeyaml/branches/compare/snakeyaml-2.0..snakeyaml-1.33)

Updates `org.apache.derby:derby` from 10.14.2.0 to 10.17.1.0

---
updated-dependencies:
- dependency-name: org.apache.parquet:parquet-avro
  dependency-version: 1.15.2
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: org.apache.maven:maven-plugin-api
  dependency-version: 3.9.9
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: org.apache.maven:maven-core
  dependency-version: 3.9.9
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: org.apache.maven:maven-artifact
  dependency-version: 3.9.9
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: org.apache.maven:maven-compat
  dependency-version: 3.9.9
  dependency-type: direct:development
  dependency-group: maven
- dependency-name: org.apache.maven:maven-compat
  dependency-version: 3.9.9
  dependency-type: direct:development
  dependency-group: maven
- dependency-name: ch.qos.logback:logback-core
  dependency-version: 1.5.13
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: org.apache.derby:derby
  dependency-version: 10.17.1.0
  dependency-type: direct:development
  dependency-group: maven
- dependency-name: org.springframework:spring-expression
  dependency-version: 5.3.39
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: org.apache.commons:commons-configuration2
  dependency-version: 2.10.1
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: org.apache.commons:commons-configuration2
  dependency-version: 2.10.1
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: org.yaml:snakeyaml
  dependency-version: '2.0'
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: org.apache.derby:derby
  dependency-version: 10.17.1.0
  dependency-type: direct:development
  dependency-group: maven
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels May 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants