This is an automated email from the ASF dual-hosted git repository.
pingsutw pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/submarine.git
The following commit(s) were added to refs/heads/master by this push:
new e713329d Bump gson from 2.8.5 to 2.8.9
e713329d is described below
commit e713329dc2e1070ee2c2427a9efa65c53dde4f1f
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Fri May 20 21:34:54 2022 +0000
Bump gson from 2.8.5 to 2.8.9
Bumps [gson](https://github.com/google/gson) from 2.8.5 to 2.8.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/gson/releases";>gson's releases</a>.</em></p>
<blockquote>
<h2>Gson 2.8.9</h2>
<ul>
<li>Make OSGi bundle's dependency on <code>sun.misc</code> optional (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1993";>#1993</a>).</li>
<li>Deprecate <code>Gson.excluder()</code> exposing internal
<code>Excluder</code> class (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1986";>#1986</a>).</li>
<li>Prevent Java deserialization of internal classes (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1991";>#1991</a>).</li>
<li>Improve number strategy implementation (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1987";>#1987</a>).</li>
<li>Fix LongSerializationPolicy null handling being inconsistent with Gson
(<a
href="https://github-redirect.dependabot.com/google/gson/issues/1990";>#1990</a>).</li>
<li>Support arbitrary Number implementation for Object and Number
deserialization (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1290";>#1290</a>).</li>
<li>Bump proguard-maven-plugin from 2.4.0 to 2.5.1 (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1980";>#1980</a>).</li>
<li>Don't exclude static local classes (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1969";>#1969</a>).</li>
<li>Fix <code>RuntimeTypeAdapterFactory</code> depending on internal
<code>Streams</code> class (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1959";>#1959</a>).</li>
<li>Improve Maven build (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1964";>#1964</a>).</li>
<li>Make dependency on <code>java.sql</code> optional (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1707";>#1707</a>).</li>
</ul>
<h2>Gson 2.8.8</h2>
<ul>
<li>Fixed issue with recursive types (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1390";>#1390</a>).</li>
<li>Better behaviour with Java 9+ and <code>Unsafe</code> if there is a
security manager (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1712";>#1712</a>).</li>
<li><code>EnumTypeAdapter</code> now works better when ProGuard has
obfuscated enum fields (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1495";>#1495</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/google/gson/blob/master/CHANGELOG.md";>gson's
changelog</a>.</em></p>
<blockquote>
<h2>Version 2.8.9</h2>
<ul>
<li>Make OSGi bundle's dependency on <code>sun.misc</code> optional (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1993";>#1993</a>).</li>
<li>Deprecate <code>Gson.excluder()</code> exposing internal
<code>Excluder</code> class (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1986";>#1986</a>).</li>
<li>Prevent Java deserialization of internal classes (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1991";>#1991</a>).</li>
<li>Improve number strategy implementation (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1987";>#1987</a>).</li>
<li>Fix LongSerializationPolicy null handling being inconsistent with Gson
(<a
href="https://github-redirect.dependabot.com/google/gson/issues/1990";>#1990</a>).</li>
<li>Support arbitrary Number implementation for Object and Number
deserialization (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1290";>#1290</a>).</li>
<li>Bump proguard-maven-plugin from 2.4.0 to 2.5.1 (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1980";>#1980</a>).</li>
<li>Don't exclude static local classes (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1969";>#1969</a>).</li>
<li>Fix <code>RuntimeTypeAdapterFactory</code> depending on internal
<code>Streams</code> class (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1959";>#1959</a>).</li>
<li>Improve Maven build (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1964";>#1964</a>).</li>
<li>Make dependency on <code>java.sql</code> optional (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1707";>#1707</a>).</li>
</ul>
<h2>Version 2.8.8</h2>
<ul>
<li>Fixed issue with recursive types (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1390";>#1390</a>).</li>
<li>Better behaviour with Java 9+ and <code>Unsafe</code> if there is a
security manager (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1712";>#1712</a>).</li>
<li><code>EnumTypeAdapter</code> now works better when ProGuard has
obfuscated enum fields (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1495";>#1495</a>).</li>
</ul>
<h2>Version 2.8.7</h2>
<ul>
<li>Fixed <code>ISO8601UtilsTest</code> failing on systems with UTC+X.</li>
<li>Improved javadoc for <code>JsonStreamParser</code>.</li>
<li>Updated proguard.cfg (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1693";>#1693</a>).</li>
<li>Fixed <code>IllegalStateException</code> in <code>JsonTreeWriter</code>
(<a
href="https://github-redirect.dependabot.com/google/gson/issues/1592";>#1592</a>).</li>
<li>Added <code>JsonArray.isEmpty()</code> (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1640";>#1640</a>).</li>
<li>Added new test cases (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1638";>#1638</a>).</li>
<li>Fixed OSGi metadata generation to work on JavaSE < 9 (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1603";>#1603</a>).</li>
</ul>
<h2>Version 2.8.6</h2>
<p><em>2019-10-04</em> <a
href="https://github.com/google/gson/compare/gson-parent-2.8.5...gson-parent-2.8.6";>GitHub
Diff</a></p>
<ul>
<li>Added static methods <code>JsonParser.parseString</code> and
<code>JsonParser.parseReader</code> and deprecated instance method
<code>JsonParser.parse</code></li>
<li>Java 9 module-info support</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google/gson/commit/6a368d89da37917be7714c3072b8378f4120110a";><code>6a368d8</code></a>
[maven-release-plugin] prepare release gson-parent-2.8.9</li>
<li><a
href="https://github.com/google/gson/commit/ba96d53bad35f7466073f14cb3d89d09383e1a2d";><code>ba96d53</code></a>
Fix missing bounds checks for JsonTreeReader.getPath() (<a
href="https://github-redirect.dependabot.com/google/gson/issues/2001";>#2001</a>)</li>
<li><a
href="https://github.com/google/gson/commit/ca1df7f7e09f6b1a763882029dd7057f475b31de";><code>ca1df7f</code></a>
<a
href="https://github-redirect.dependabot.com/google/gson/issues/1981";>#1981</a>:
Optional OSGi bundle's dependency on sun.misc package (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1993";>#1993</a>)</li>
<li><a
href="https://github.com/google/gson/commit/c54caf308c3f7d4a6088cf3085c2caa9617e0458";><code>c54caf3</code></a>
Deprecate <code>Gson.excluder()</code> exposing internal <code>Excluder</code>
class (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1986";>#1986</a>)</li>
<li><a
href="https://github.com/google/gson/commit/e6fae590cf2a758c47cd5a17f9bf3780ce62c986";><code>e6fae59</code></a>
Prevent Java deserialization of internal classes (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1991";>#1991</a>)</li>
<li><a
href="https://github.com/google/gson/commit/bda2e3d16af776e0f607d56bbab6eac22f8f2d58";><code>bda2e3d</code></a>
Improve number strategy implementation (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1987";>#1987</a>)</li>
<li><a
href="https://github.com/google/gson/commit/cd748df7122ea4260d35dfe90cfab0c079a1504d";><code>cd748df</code></a>
Fix LongSerializationPolicy null handling being inconsistent with Gson (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1990";>#1990</a>)</li>
<li><a
href="https://github.com/google/gson/commit/fe30b85224316cabf19f5dd3223843437c297802";><code>fe30b85</code></a>
Support arbitrary Number implementation for Object and Number
deserialization...</li>
<li><a
href="https://github.com/google/gson/commit/1cc16274235f89650349884dd04760bf15a95d96";><code>1cc1627</code></a>
Fix incorrect feature request template label (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1982";>#1982</a>)</li>
<li><a
href="https://github.com/google/gson/commit/7b9a283a7a5d66878c9be01227b15e631afe2a5a";><code>7b9a283</code></a>
Bump bnd-maven-plugin from 5.3.0 to 6.0.0 (<a
href="https://github-redirect.dependabot.com/google/gson/issues/1985";>#1985</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/google/gson/compare/gson-parent-2.8.5...gson-parent-2.8.9";>compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that
have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI
passes on it
- `dependabot cancel merge` will cancel a previously requested merge and
block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it.
You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR or
upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default
for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the
default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the
default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the
default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security
Alerts page](https://github.com/apache/submarine/network/alerts).
</details>
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Kevin <[email protected]>
Closes #960 from
dependabot[bot]/dependabot/maven/com.google.code.gson-gson-2.8.9 and squashes
the following commits:
20ceed11 [dependabot[bot]] Bump gson from 2.8.5 to 2.8.9
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 38671903..2e4c5094 100644
--- a/pom.xml
+++ b/pom.xml
@@ -73,7 +73,7 @@
<javax.ws.rsapi.version>2.1</javax.ws.rsapi.version>
<pagehelper.version>5.1.10</pagehelper.version>
- <gson.version>2.8.5</gson.version>
+ <gson.version>2.8.9</gson.version>
<jackson-databind.version>2.11.0</jackson-databind.version>
<jackson-annotations.version>2.11.0</jackson-annotations.version>
<jackson-core.version>2.11.0</jackson-core.version>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
