This is an automated email from the ASF dual-hosted git repository.
pingsutw pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/submarine.git
The following commit(s) were added to refs/heads/master by this push:
new 3d61926e Bump commons-compress from 1.4.1 to 1.21
3d61926e is described below
commit 3d61926ee51448607c7e9a1201e585218ea3bb1e
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Tue Apr 26 22:57:35 2022 +0000
Bump commons-compress from 1.4.1 to 1.21
Bumps commons-compress from 1.4.1 to 1.21.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that
have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI
passes on it
- `dependabot cancel merge` will cancel a previously requested merge and
block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it.
You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR or
upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default
for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the
default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the
default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the
default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security
Alerts page](https://github.com/apache/submarine/network/alerts).
</details>
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Kevin Su <[email protected]>
Closes #946 from
dependabot[bot]/dependabot/maven/org.apache.commons-commons-compress-1.21 and
squashes the following commits:
4a91bdf1 [dependabot[bot]] Bump commons-compress from 1.4.1 to 1.21
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 2c0e85fa..2baecfde 100644
--- a/pom.xml
+++ b/pom.xml
@@ -141,7 +141,7 @@
<!-- embedded-ldap-junit -->
<embedded-ldap-junit.version>0.7</embedded-ldap-junit.version>
<jaxb-api.version>2.2.11</jaxb-api.version>
- <commons-compress.version>1.4.1</commons-compress.version>
+ <commons-compress.version>1.21</commons-compress.version>
<guice-servlet.version>3.0</guice-servlet.version>
<guice.version>3.0</guice.version>
<!-- server API -->
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
