This is an automated email from the ASF dual-hosted git repository.
dongjoon pushed a commit to branch branch-2.2
in repository https://gitbox.apache.org/repos/asf/orc.git
The following commit(s) were added to refs/heads/branch-2.2 by this push:
new 10232d908 ORC-2007: Upgrade `gson` to 2.13.2
10232d908 is described below
commit 10232d9083f7c9b9e8a7a4d30d173530e8f5dce3
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Thu Sep 25 15:40:00 2025 -0700
ORC-2007: Upgrade `gson` to 2.13.2
Bumps [com.google.code.gson:gson](https://github.com/google/gson) from
2.13.0 to 2.13.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/gson/releases";>com.google.code.gson:gson's
releases</a>.</em></p>
<blockquote>
<h2>Gson 2.13.2</h2>
<p>The main changes in this release are just newer dependencies.</p>
<h2>What's Changed</h2>
<ul>
<li>Improved packaging of JPMS module declaration in Gson jar<br />
This fixes an issue where Eclipse and VS Code users could not refer to the
Gson module name <code>com.google.gson</code>. See issue <a
href="https://redirect.github.com/google/gson/issues/2679";>google/gson#2679</a>.</li>
<li>Remove internal class <code>GsonPreconditions</code> by <a
href="https://github.com/Marcono1234";><code>Marcono1234</code></a> in <a
href="https://redirect.github.com/google/gson/pull/2879";>google/gson#2879</a></li>
<li>Switch to using central-publishing-maven-plugin by <a
href="https://github.com/eamonnmcmanus";><code>eamonnmcmanus</code></a> in <a
href="https://redirect.github.com/google/gson/pull/2900";>google/gson#2900</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/MukjepScarlet";><code>MukjepScarlet</code></a> made
their first contribution in <a
href="https://redirect.github.com/google/gson/pull/2852";>google/gson#2852</a></li>
<li><a href="https://github.com/ChrisCraik";><code>ChrisCraik</code></a>
made their first contribution in <a
href="https://redirect.github.com/google/gson/pull/2856";>google/gson#2856</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google/gson/compare/gson-parent-2.13.1...gson-parent-2.13.2";>https://github.com/google/gson/compare/gson-parent-2.13.1...gson-parent-2.13.2</a></p>
<h2>Gson 2.13.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Give FieldNamingStrategy the ability to return multiple String names by
<a href="https://github.com/mfriesen";><code>mfriesen</code></a> in <a
href="https://redirect.github.com/google/gson/pull/2776";>google/gson#2776</a></li>
<li>Remove outdated android-proguard-example by <a
href="https://github.com/Goooler";><code>Goooler</code></a> in <a
href="https://redirect.github.com/google/gson/pull/2843";>google/gson#2843</a></li>
<li>Adjust Troubleshooting Guide ProGuard / R8 section by <a
href="https://github.com/Marcono1234";><code>Marcono1234</code></a> in <a
href="https://redirect.github.com/google/gson/pull/2844";>google/gson#2844</a></li>
<li>Update dependencies, including the problematic
<code>com.google.errorprone:error_prone_annotations:2.37.0</code>.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/mfriesen";><code>mfriesen</code></a> made
their first contribution in <a
href="https://redirect.github.com/google/gson/pull/2776";>google/gson#2776</a></li>
<li><a href="https://github.com/Goooler";><code>Goooler</code></a> made
their first contribution in <a
href="https://redirect.github.com/google/gson/pull/2843";>google/gson#2843</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google/gson/compare/gson-parent-2.13.0...gson-parent-2.13.1";>https://github.com/google/gson/compare/gson-parent-2.13.0...gson-parent-2.13.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google/gson/commit/686fad782d969d8f15c7581a5435a208b810caa7";><code>686fad7</code></a>
[maven-release-plugin] prepare release gson-parent-2.13.2</li>
<li><a
href="https://github.com/google/gson/commit/c2d252a7e93d45b224a72b4ba8148a438cc1d59b";><code>c2d252a</code></a>
Switch to using central-publishing-maven-plugin. (<a
href="https://redirect.github.com/google/gson/issues/2900";>#2900</a>)</li>
<li><a
href="https://github.com/google/gson/commit/69cb755e5209b719b57f3b6f1a864b080cdca314";><code>69cb755</code></a>
Bump the github-actions group with 5 updates (<a
href="https://redirect.github.com/google/gson/issues/2894";>#2894</a>)</li>
<li><a
href="https://github.com/google/gson/commit/ea552c2278784e12094c8daea06b18679b2da2c9";><code>ea552c2</code></a>
Bump the maven group across 1 directory with 3 updates (<a
href="https://redirect.github.com/google/gson/issues/2898";>#2898</a>)</li>
<li><a
href="https://github.com/google/gson/commit/fdc616d0da2fea0b28828386a38396eac66d85fd";><code>fdc616d</code></a>
Set top-level permissions for CodeQL workflow (<a
href="https://redirect.github.com/google/gson/issues/2889";>#2889</a>)</li>
<li><a
href="https://github.com/google/gson/commit/9334715a48aaf11c9f80f89f8242ba7d1c2d0c27";><code>9334715</code></a>
Create scorecard.yml (<a
href="https://redirect.github.com/google/gson/issues/2888";>#2888</a>)</li>
<li><a
href="https://github.com/google/gson/commit/f7de5c2c22dae98f2f98eefcb70c920ff71e437b";><code>f7de5c2</code></a>
Bump the maven group with 8 updates (<a
href="https://redirect.github.com/google/gson/issues/2885";>#2885</a>)</li>
<li><a
href="https://github.com/google/gson/commit/8c23cd363daec806d2e9b69665520043914782ac";><code>8c23cd3</code></a>
Update sources to satisfy a new Error Prone check. (<a
href="https://redirect.github.com/google/gson/issues/2887";>#2887</a>)</li>
<li><a
href="https://github.com/google/gson/commit/5eab3eda9fff9db77b82eae621c26f1d7263386f";><code>5eab3ed</code></a>
Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/google/gson/issues/2886";>#2886</a>)</li>
<li><a
href="https://github.com/google/gson/commit/5f5c20026009010608de17a9e5312849230b3b0b";><code>5f5c200</code></a>
Bump the maven group across 1 directory with 10 updates (<a
href="https://redirect.github.com/google/gson/issues/2872";>#2872</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/google/gson/compare/gson-parent-2.13.0...gson-parent-2.13.2";>compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that
have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI
passes on it
- `dependabot cancel merge` will cancel a previously requested merge and
block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it.
You can achieve the same result by closing it manually
- `dependabot show <dependency name> ignore conditions` will show all of
the ignore conditions of the specified dependency
- `dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR or
upgrade to it yourself)
</details>
Closes #2404 from
dependabot[bot]/dependabot/maven/java/com.google.code.gson-gson-2.13.2.
Authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Dongjoon Hyun <[email protected]>
(cherry picked from commit 2c375ef732d75ed0bb30cf229dfb072b6fba1f06)
Signed-off-by: Dongjoon Hyun <[email protected]>
---
java/bench/pom.xml | 2 +-
java/pom.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/java/bench/pom.xml b/java/bench/pom.xml
index 0a02a4d77..9c9ca4cac 100644
--- a/java/bench/pom.xml
+++ b/java/bench/pom.xml
@@ -73,7 +73,7 @@
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
- <version>2.13.0</version>
+ <version>2.13.2</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
diff --git a/java/pom.xml b/java/pom.xml
index feb3aa592..d47ce4e71 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -138,7 +138,7 @@
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
- <version>2.13.0</version>
+ <version>2.13.2</version>
</dependency>
<dependency>
<groupId>com.google.protobuf</groupId>
