[tinkerpop] branch master updated (4cdddebc30 -> 311dc6274b)
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tinkerpop.git from 4cdddebc30 Merge branch '3.6-dev' add 2a5e948a3e Bump eslint (#2142) add 3f94340a9f Bump prettier from 2.8.8 to 3.0.0 in /gremlin-javascript/src/main/javascript/gremlin-javascript (#2121) add 489e00b2a9 Merge branch '3.5-dev' into 3.6-dev new 311dc6274b Merge branch '3.6-dev' The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../gremlin-javascript/package-lock.json | 861 - .../javascript/gremlin-javascript/package.json | 4 +- 2 files changed, 832 insertions(+), 33 deletions(-)
[tinkerpop] 01/01: Merge branch '3.6-dev'
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tinkerpop.git commit 311dc6274bb64d8e41c6c9d5bf0b656ba1635bd3 Merge: 4cdddebc30 489e00b2a9 Author: Cole-Greer AuthorDate: Mon Jul 17 21:04:23 2023 -0700 Merge branch '3.6-dev' .../gremlin-javascript/package-lock.json | 861 - .../javascript/gremlin-javascript/package.json | 4 +- 2 files changed, 832 insertions(+), 33 deletions(-)
[tinkerpop] 01/01: Merge branch '3.5-dev' into 3.6-dev
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a commit to branch 3.6-dev in repository https://gitbox.apache.org/repos/asf/tinkerpop.git commit 489e00b2a9c1f3c5272450b0639468a15941e158 Merge: 1f99a0a7de 3f94340a9f Author: Cole-Greer AuthorDate: Mon Jul 17 21:03:56 2023 -0700 Merge branch '3.5-dev' into 3.6-dev .../gremlin-javascript/package-lock.json | 861 - .../javascript/gremlin-javascript/package.json | 4 +- 2 files changed, 832 insertions(+), 33 deletions(-) diff --cc gremlin-javascript/src/main/javascript/gremlin-javascript/package-lock.json index cf0f69a6d6,eafeac0258..55fc7687d3 --- a/gremlin-javascript/src/main/javascript/gremlin-javascript/package-lock.json +++ b/gremlin-javascript/src/main/javascript/gremlin-javascript/package-lock.json @@@ -23,8 -23,8 +23,8 @@@ "grunt": "^1.5.3", "grunt-cli": "~1.4.3", "grunt-jsdoc": "~2.4.1", -"mocha": "^9.2.2", +"mocha": "^10.2.0", - "prettier": "^2.7.1" + "prettier": "^3.0.0" }, "engines": { "node": ">=16" diff --cc gremlin-javascript/src/main/javascript/gremlin-javascript/package.json index c108053315,5aaab0cc62..a22bcc056f --- a/gremlin-javascript/src/main/javascript/gremlin-javascript/package.json +++ b/gremlin-javascript/src/main/javascript/gremlin-javascript/package.json @@@ -28,8 -28,8 +28,8 @@@ "grunt": "^1.5.3", "grunt-cli": "~1.4.3", "grunt-jsdoc": "~2.4.1", -"mocha": "^9.2.2", +"mocha": "^10.2.0", - "prettier": "^2.7.1" + "prettier": "^3.0.0" }, "repository": { "type": "git",
[tinkerpop] branch 3.6-dev updated (1f99a0a7de -> 489e00b2a9)
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a change to branch 3.6-dev in repository https://gitbox.apache.org/repos/asf/tinkerpop.git from 1f99a0a7de Merge branch '3.5-dev' into 3.6-dev add 2a5e948a3e Bump eslint (#2142) add 3f94340a9f Bump prettier from 2.8.8 to 3.0.0 in /gremlin-javascript/src/main/javascript/gremlin-javascript (#2121) new 489e00b2a9 Merge branch '3.5-dev' into 3.6-dev The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../gremlin-javascript/package-lock.json | 861 - .../javascript/gremlin-javascript/package.json | 4 +- 2 files changed, 832 insertions(+), 33 deletions(-)
[tinkerpop] branch dependabot/npm_and_yarn/gremlint/3.5-dev/prettier-3.0.0 updated (2a84ca16bc -> 5ef6e4ec79)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/npm_and_yarn/gremlint/3.5-dev/prettier-3.0.0 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git omit 2a84ca16bc Bump prettier from 2.8.8 to 3.0.0 in /gremlint add fed6725a61 TINKERPOP-2920 Fixed bug in SubgraphStrategy when key not present add b2fb2b2465 Merge branch 'TINKERPOP-2920' into 3.5-dev add fb41e5b50b Bump golang.org/x/text from 0.10.0 to 0.11.0 in /gremlin-go (#2119) add 1eb6fc2494 Bump eslint (#2118) add 1baf9431bc Bump javapoet from 1.8.0 to 1.13.0 (#2107) add 309e332b2e TINKERPOP-2965 Fixed bug in FilterRankingStrategy add bac8069578 TINKERPOP-2953 Update how enums are imported in ImportGroovyCustomizer. add 153331f839 Merge pull request #2133 add 08559317c7 TINKERPOP-2948 bump jackson databind to 2.15.0 (#2139) add 2a5e948a3e Bump eslint (#2142) add 3f94340a9f Bump prettier from 2.8.8 to 3.0.0 in /gremlin-javascript/src/main/javascript/gremlin-javascript (#2121) add 5ef6e4ec79 Bump prettier from 2.8.8 to 3.0.0 in /gremlint This update added new revisions after undoing existing revisions. That is to say, some revisions that were in the old version of the branch are not in the new version. This situation occurs when a user --force pushes a change and generates a repository containing something like this: * -- * -- B -- O -- O -- O (2a84ca16bc) \ N -- N -- N refs/heads/dependabot/npm_and_yarn/gremlint/3.5-dev/prettier-3.0.0 (5ef6e4ec79) You should already have received notification emails for all of the O revisions, and so the following emails describe only the N revisions from the common base, B. Any revisions marked "omit" are not gone; other references still refer to them. Any revisions marked "discard" are gone forever. No new revisions were added by this update. Summary of changes: CHANGELOG.asciidoc | 11 +- docs/src/upgrade/release-3.5.x.asciidoc| 14 + .../process/traversal/lambda/ValueTraversal.java | 7 +- .../traversal/step/map/PropertyMapStep.java| 4 + .../optimization/FilterRankingStrategy.java| 33 +- .../optimization/ProductiveByStrategy.java | 20 +- .../HasNextStep.java => util/DepthComparator.java} | 30 +- .../process/traversal/util/TraversalHelper.java| 35 + .../structure/io/graphson/GraphSONMapper.java | 25 +- .../structure/io/graphson/GraphSONModule.java | 1 + .../traversal/util/TraversalHelperTest.java| 43 +- .../io/graphson/GraphSONStreamConstraintsTest.java | 93 ++ .../Gremlin.Net.IntegrationTest/Gherkin/Gremlin.cs | 2 + .../ser/AbstractGraphSONMessageSerializerV1d0.java | 16 + .../ser/AbstractGraphSONMessageSerializerV2d0.java | 16 + .../gremlin/driver/ClusterConfigTest.java | 72 ++ .../AbstractGraphSONMessageSerializerV1d0Test.java | 53 ++ .../AbstractGraphSONMessageSerializerV2d0Test.java | 53 ++ gremlin-go/driver/cucumber/gremlin.go | 2 + gremlin-go/go.mod | 2 +- gremlin-go/go.sum | 4 +- .../groovy/jsr223/ImportGroovyCustomizer.java | 2 +- .../jsr223/GremlinGroovyScriptEngineTest.java | 27 + .../gremlin-javascript/package-lock.json | 971 +++-- .../javascript/gremlin-javascript/package.json | 4 +- .../gremlin-javascript/test/cucumber/gremlin.js| 2 + gremlin-python/src/main/python/radish/gremlin.py | 2 + gremlin-shaded/pom.xml | 2 +- gremlin-test/features/filter/Where.feature | 36 + .../decoration/SubgraphStrategyProcessTest.java| 24 + pom.xml| 7 +- 31 files changed, 1487 insertions(+), 126 deletions(-) copy gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/process/traversal/{step/map/HasNextStep.java => util/DepthComparator.java} (56%) create mode 100644 gremlin-core/src/test/java/org/apache/tinkerpop/gremlin/structure/io/graphson/GraphSONStreamConstraintsTest.java create mode 100644 gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/ClusterConfigTest.java create mode 100644 gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/ser/AbstractGraphSONMessageSerializerV1d0Test.java create mode 100644 gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/ser/AbstractGraphSONMessageSerializerV2d0Test.java
[tinkerpop] branch dependabot/npm_and_yarn/gremlin-javascript/src/main/javascript/gremlin-javascript/3.5-dev/prettier-3.0.0 deleted (was b38219f709)
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a change to branch dependabot/npm_and_yarn/gremlin-javascript/src/main/javascript/gremlin-javascript/3.5-dev/prettier-3.0.0 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git was b38219f709 Upgrade eslint-plugin-prettier to 5.0.0 for compatibility with prettier 3.0.0 The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[tinkerpop] branch 3.5-dev updated (2a5e948a3e -> 3f94340a9f)
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a change to branch 3.5-dev in repository https://gitbox.apache.org/repos/asf/tinkerpop.git from 2a5e948a3e Bump eslint (#2142) add 3f94340a9f Bump prettier from 2.8.8 to 3.0.0 in /gremlin-javascript/src/main/javascript/gremlin-javascript (#2121) No new revisions were added by this update. Summary of changes: .../gremlin-javascript/package-lock.json | 845 - .../javascript/gremlin-javascript/package.json | 4 +- 2 files changed, 826 insertions(+), 23 deletions(-)
[GitHub] [tinkerpop] Cole-Greer merged pull request #2121: Bump prettier from 2.8.8 to 3.0.0 in /gremlin-javascript/src/main/javascript/gremlin-javascript
Cole-Greer merged PR #2121: URL: https://github.com/apache/tinkerpop/pull/2121 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[tinkerpop] branch dependabot/npm_and_yarn/gremlin-javascript/src/main/javascript/gremlin-javascript/3.5-dev/eslint-8.45.0 deleted (was 05e55012dd)
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a change to branch dependabot/npm_and_yarn/gremlin-javascript/src/main/javascript/gremlin-javascript/3.5-dev/eslint-8.45.0 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git was 05e55012dd Bump eslint The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[tinkerpop] branch 3.5-dev updated (08559317c7 -> 2a5e948a3e)
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a change to branch 3.5-dev in repository https://gitbox.apache.org/repos/asf/tinkerpop.git from 08559317c7 TINKERPOP-2948 bump jackson databind to 2.15.0 (#2139) add 2a5e948a3e Bump eslint (#2142) No new revisions were added by this update. Summary of changes: .../main/javascript/gremlin-javascript/package-lock.json | 16 ++-- 1 file changed, 6 insertions(+), 10 deletions(-)
[GitHub] [tinkerpop] Cole-Greer merged pull request #2142: Bump eslint from 8.44.0 to 8.45.0 in /gremlin-javascript/src/main/javascript/gremlin-javascript
Cole-Greer merged PR #2142: URL: https://github.com/apache/tinkerpop/pull/2142 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[tinkerpop] branch dependabot/maven/3.5-dev/com.fasterxml.jackson.core-jackson-databind-2.15.2 deleted (was 96580f94c5)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/maven/3.5-dev/com.fasterxml.jackson.core-jackson-databind-2.15.2 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git was 96580f94c5 Bump jackson-databind from 2.10.0 to 2.15.2 The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[GitHub] [tinkerpop] Cole-Greer closed pull request #2141: Bump jackson-databind from 2.10.0 to 2.15.2
Cole-Greer closed pull request #2141: Bump jackson-databind from 2.10.0 to 2.15.2 URL: https://github.com/apache/tinkerpop/pull/2141 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [tinkerpop] dependabot[bot] commented on pull request #2141: Bump jackson-databind from 2.10.0 to 2.15.2
dependabot[bot] commented on PR #2141: URL: https://github.com/apache/tinkerpop/pull/2141#issuecomment-1638981788 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[tinkerpop] 01/01: Merge branch '3.6-dev'
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tinkerpop.git commit 4cdddebc304cf6d0471a5b724b54ede8a2297611 Merge: 30df50200f 1f99a0a7de Author: Cole-Greer AuthorDate: Mon Jul 17 15:25:02 2023 -0700 Merge branch '3.6-dev' CHANGELOG.asciidoc | 2 + docs/src/upgrade/release-3.5.x.asciidoc| 14 .../structure/io/graphson/GraphSONMapper.java | 25 +- .../io/graphson/GraphSONStreamConstraintsTest.java | 93 ++ .../gremlin/driver/ClusterConfigTest.java | 72 + gremlin-shaded/pom.xml | 2 +- .../ser/AbstractGraphSONMessageSerializerV1.java | 16 .../ser/AbstractGraphSONMessageSerializerV2.java | 16 .../AbstractGraphSONMessageSerializerV1Test.java | 53 .../AbstractGraphSONMessageSerializerV2Test.java | 53 pom.xml| 5 +- 11 files changed, 348 insertions(+), 3 deletions(-) diff --cc gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/ClusterConfigTest.java index 00,4e47684dd7..03b8fce75c mode 00,100644..100644 --- a/gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/ClusterConfigTest.java +++ b/gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/ClusterConfigTest.java @@@ -1,0 -1,72 +1,72 @@@ + /* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + package org.apache.tinkerpop.gremlin.driver; + + import org.apache.commons.configuration2.BaseConfiguration; + import org.apache.commons.configuration2.Configuration; -import org.apache.tinkerpop.gremlin.driver.ser.GraphSONMessageSerializerV2d0; -import org.apache.tinkerpop.gremlin.driver.ser.GraphSONMessageSerializerV3d0; ++import org.apache.tinkerpop.gremlin.util.ser.GraphSONMessageSerializerV2; ++import org.apache.tinkerpop.gremlin.util.ser.GraphSONMessageSerializerV3; + import org.apache.tinkerpop.shaded.jackson.core.StreamReadConstraints; + import org.junit.Test; + + import java.util.Arrays; + + import static org.junit.Assert.assertEquals; + import static org.junit.Assert.assertTrue; + + public class ClusterConfigTest { + + @Test + public void shouldPropagateSerializerConstraintsForGraphSON3() { + final Configuration config = new BaseConfiguration(); + config.setProperty("serializer.config.maxNumberLength", 999); + config.setProperty("serializer.config.maxStringLength", 123456); + config.setProperty("serializer.config.maxNestingDepth", 55); + config.setProperty("hosts", Arrays.asList("localhost")); + -config.setProperty("serializer.className", GraphSONMessageSerializerV3d0.class.getCanonicalName()); ++config.setProperty("serializer.className", GraphSONMessageSerializerV3.class.getCanonicalName()); + final Cluster cluster = Cluster.open(config); -assertTrue(cluster.getSerializer() instanceof GraphSONMessageSerializerV3d0); -final GraphSONMessageSerializerV3d0 serV3 = (GraphSONMessageSerializerV3d0) cluster.getSerializer(); ++assertTrue(cluster.getSerializer() instanceof GraphSONMessageSerializerV3); ++final GraphSONMessageSerializerV3 serV3 = (GraphSONMessageSerializerV3) cluster.getSerializer(); + final StreamReadConstraints constraints = serV3.getMapper().getFactory().streamReadConstraints(); + + assertEquals(999, constraints.getMaxNumberLength()); + assertEquals(123456, constraints.getMaxStringLength()); + assertEquals(55, constraints.getMaxNestingDepth()); + } + + @Test + public void shouldPropagateSerializerConstraintsForGraphSON2() { + final Configuration config = new BaseConfiguration(); + config.setProperty("serializer.config.maxNumberLength", 999); + config.setProperty("serializer.config.maxStringLength", 123456); + config.setProperty("serializer.config.maxNestingDepth", 55); + config.setProperty("hosts", Arrays.asList("localhost")); + -
[tinkerpop] branch master updated (30df50200f -> 4cdddebc30)
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tinkerpop.git from 30df50200f Merge branch '3.6-dev' add 08559317c7 TINKERPOP-2948 bump jackson databind to 2.15.0 (#2139) add 1f99a0a7de Merge branch '3.5-dev' into 3.6-dev new 4cdddebc30 Merge branch '3.6-dev' The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: CHANGELOG.asciidoc | 2 + docs/src/upgrade/release-3.5.x.asciidoc| 14 .../structure/io/graphson/GraphSONMapper.java | 25 +- .../io/graphson/GraphSONStreamConstraintsTest.java | 93 ++ .../gremlin/driver/ClusterConfigTest.java | 72 + gremlin-shaded/pom.xml | 2 +- .../ser/AbstractGraphSONMessageSerializerV1.java | 16 .../ser/AbstractGraphSONMessageSerializerV2.java | 16 .../AbstractGraphSONMessageSerializerV1Test.java | 53 .../AbstractGraphSONMessageSerializerV2Test.java | 53 pom.xml| 5 +- 11 files changed, 348 insertions(+), 3 deletions(-) create mode 100644 gremlin-core/src/test/java/org/apache/tinkerpop/gremlin/structure/io/graphson/GraphSONStreamConstraintsTest.java create mode 100644 gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/ClusterConfigTest.java create mode 100644 gremlin-util/src/test/java/org/apache/tinkerpop/gremlin/util/ser/AbstractGraphSONMessageSerializerV1Test.java create mode 100644 gremlin-util/src/test/java/org/apache/tinkerpop/gremlin/util/ser/AbstractGraphSONMessageSerializerV2Test.java
[tinkerpop] branch 3.6-dev updated (167e86d63b -> 1f99a0a7de)
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a change to branch 3.6-dev in repository https://gitbox.apache.org/repos/asf/tinkerpop.git from 167e86d63b Merge branch '3.5-dev' into 3.6-dev add 08559317c7 TINKERPOP-2948 bump jackson databind to 2.15.0 (#2139) new 1f99a0a7de Merge branch '3.5-dev' into 3.6-dev The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: CHANGELOG.asciidoc | 2 + docs/src/upgrade/release-3.5.x.asciidoc| 14 .../structure/io/graphson/GraphSONMapper.java | 25 +- .../io/graphson/GraphSONStreamConstraintsTest.java | 93 ++ .../ser/AbstractGraphSONMessageSerializerV1d0.java | 16 .../ser/AbstractGraphSONMessageSerializerV2d0.java | 16 .../gremlin/driver/ClusterConfigTest.java | 72 + .../AbstractGraphSONMessageSerializerV1d0Test.java | 53 .../AbstractGraphSONMessageSerializerV2d0Test.java | 53 gremlin-shaded/pom.xml | 2 +- pom.xml| 5 +- 11 files changed, 348 insertions(+), 3 deletions(-) create mode 100644 gremlin-core/src/test/java/org/apache/tinkerpop/gremlin/structure/io/graphson/GraphSONStreamConstraintsTest.java create mode 100644 gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/ClusterConfigTest.java create mode 100644 gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/ser/AbstractGraphSONMessageSerializerV1d0Test.java create mode 100644 gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/ser/AbstractGraphSONMessageSerializerV2d0Test.java
[tinkerpop] 01/01: Merge branch '3.5-dev' into 3.6-dev
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a commit to branch 3.6-dev in repository https://gitbox.apache.org/repos/asf/tinkerpop.git commit 1f99a0a7de4fa708602771420e6acc1dccb3afc7 Merge: 167e86d63b 08559317c7 Author: Cole-Greer AuthorDate: Mon Jul 17 14:51:34 2023 -0700 Merge branch '3.5-dev' into 3.6-dev CHANGELOG.asciidoc | 2 + docs/src/upgrade/release-3.5.x.asciidoc| 14 .../structure/io/graphson/GraphSONMapper.java | 25 +- .../io/graphson/GraphSONStreamConstraintsTest.java | 93 ++ .../ser/AbstractGraphSONMessageSerializerV1d0.java | 16 .../ser/AbstractGraphSONMessageSerializerV2d0.java | 16 .../gremlin/driver/ClusterConfigTest.java | 72 + .../AbstractGraphSONMessageSerializerV1d0Test.java | 53 .../AbstractGraphSONMessageSerializerV2d0Test.java | 53 gremlin-shaded/pom.xml | 2 +- pom.xml| 5 +- 11 files changed, 348 insertions(+), 3 deletions(-) diff --cc CHANGELOG.asciidoc index 33032653ff,bd05427e69..c19b3ea958 --- a/CHANGELOG.asciidoc +++ b/CHANGELOG.asciidoc @@@ -362,7 -23,9 +362,9 @@@ image::https://raw.githubusercontent.co [[release-3-5-7]] === TinkerPop 3.5.7 (Release Date: NOT OFFICIALLY RELEASED YET) + * Bumped `jackson-databind` to 2.15.2 to fix security vulnerability. + * Introduced `maxNumberLength`, `maxStringLength`, and `maxNestingDepth` configs for `GraphSON` serializers. -* Fixed a memory leak in the Gremlin.Net driver that only occurred if a CancellationToken was provided. +* Fixed a memory leak in the Gremlin.Net driver that only occurred if a `CancellationToken` was provided. * Fixed gremlin-python `Client` problem where calling `submit()` after` `close()` would hang the system. * Added `gremlin.spark.dontDeleteNonEmptyOutput` to stop deleting the output folder if it is not empty in `spark-gremlin`. * Fixed a bug in `SubgraphStrategy` where the vertex property filter produced errors if a `Vertex` was missing the key provided to `by()` as a token.
[tinkerpop] branch 3.5-dev updated: TINKERPOP-2948 bump jackson databind to 2.15.0 (#2139)
This is an automated email from the ASF dual-hosted git repository. colegreer pushed a commit to branch 3.5-dev in repository https://gitbox.apache.org/repos/asf/tinkerpop.git The following commit(s) were added to refs/heads/3.5-dev by this push: new 08559317c7 TINKERPOP-2948 bump jackson databind to 2.15.0 (#2139) 08559317c7 is described below commit 08559317c7e1c9c783ac6a88c6b8cb4bb569cb79 Author: Cole Greer <112986082+cole-gr...@users.noreply.github.com> AuthorDate: Mon Jul 17 14:48:30 2023 -0700 TINKERPOP-2948 bump jackson databind to 2.15.0 (#2139) * TINKERPOP-2948 bump jackson databind to 2.15.0 Update maven-shade-plugin * TINKERPOP-2948 Add StreamReadConstraints config to GraphSON serializers With the upgrade to jackson 2.15.0, new StreamReadConstraints are introduced which set certain max token sizes for deserialization. This commit is adding configuration options to all GraphSON serializers to define maxNumberLength, maxStringLength, and maxNestingDepth options. Also includes a small change to the shade plugin to stop generating dependency-reduced-pom.xml's as they were leading to dependency related build problems throughout the project. - Co-authored-by: Aaron Coady --- CHANGELOG.asciidoc | 2 + docs/src/upgrade/release-3.5.x.asciidoc| 14 .../structure/io/graphson/GraphSONMapper.java | 25 +- .../io/graphson/GraphSONStreamConstraintsTest.java | 93 ++ .../ser/AbstractGraphSONMessageSerializerV1d0.java | 16 .../ser/AbstractGraphSONMessageSerializerV2d0.java | 16 .../gremlin/driver/ClusterConfigTest.java | 72 + .../AbstractGraphSONMessageSerializerV1d0Test.java | 53 .../AbstractGraphSONMessageSerializerV2d0Test.java | 53 gremlin-shaded/pom.xml | 2 +- pom.xml| 5 +- 11 files changed, 348 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc index 0471d6fbaa..bd05427e69 100644 --- a/CHANGELOG.asciidoc +++ b/CHANGELOG.asciidoc @@ -23,6 +23,8 @@ image::https://raw.githubusercontent.com/apache/tinkerpop/master/docs/static/ima [[release-3-5-7]] === TinkerPop 3.5.7 (Release Date: NOT OFFICIALLY RELEASED YET) +* Bumped `jackson-databind` to 2.15.2 to fix security vulnerability. +* Introduced `maxNumberLength`, `maxStringLength`, and `maxNestingDepth` configs for `GraphSON` serializers. * Fixed a memory leak in the Gremlin.Net driver that only occurred if a CancellationToken was provided. * Fixed gremlin-python `Client` problem where calling `submit()` after` `close()` would hang the system. * Added `gremlin.spark.dontDeleteNonEmptyOutput` to stop deleting the output folder if it is not empty in `spark-gremlin`. diff --git a/docs/src/upgrade/release-3.5.x.asciidoc b/docs/src/upgrade/release-3.5.x.asciidoc index acc54af038..d7ea18c3c7 100644 --- a/docs/src/upgrade/release-3.5.x.asciidoc +++ b/docs/src/upgrade/release-3.5.x.asciidoc @@ -32,6 +32,20 @@ complete list of all the modifications that are part of this release. `gremlin-javascript` and `gremlint` have upgraded from Node 10 to Node 16 as Node 10 has passed end of life. `gremlin-go` has upgraded from Go 1.17 to Go 1.20 as Go 1.20 has passed end of life. +Introduced max number length (1 chars), string length (20 000 000 chars), and nesting depth (1000) +constraints for GraphSON deserialization due to security vulnerabilities with earlier versions of Jackson Databind. +New constraints are not expected to impact most users but can be overriden via GraphSONMapper.Builder or through serializer configuration. +Example: +``` +serializers: + - { className: org.apache.tinkerpop.gremlin.driver.ser.GraphSONMessageSerializerV3d0, + config: { +maxNumberLength: 500, +maxStringLength: 500, +maxNestingDepth: 500 + } + } +``` == TinkerPop 3.5.6 diff --git a/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/structure/io/graphson/GraphSONMapper.java b/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/structure/io/graphson/GraphSONMapper.java index fdd421382d..562f2a1379 100644 --- a/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/structure/io/graphson/GraphSONMapper.java +++ b/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/structure/io/graphson/GraphSONMapper.java @@ -22,7 +22,9 @@ import org.apache.tinkerpop.gremlin.structure.Graph; import org.apache.tinkerpop.gremlin.structure.io.IoRegistry; import org.apache.tinkerpop.gremlin.structure.io.Mapper; import org.apache.tinkerpop.shaded.jackson.annotation.JsonTypeInfo; +import org.apache.tinkerpop.shaded.jackson.core.JsonFactory; import org.apache.tinkerpop.shaded.jackson.core.JsonGenerator; +import org.apache.tinkerpop.shaded.jackson.core.StreamReadConstraints;
[GitHub] [tinkerpop] Cole-Greer merged pull request #2139: TINKERPOP-2948 bump jackson databind to 2.15.0
Cole-Greer merged PR #2139: URL: https://github.com/apache/tinkerpop/pull/2139 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [tinkerpop] Cole-Greer commented on pull request #2099: String manipulation function concat()
Cole-Greer commented on PR #2099: URL: https://github.com/apache/tinkerpop/pull/2099#issuecomment-1638917727 VOTE +1 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [tinkerpop] kenhuuu commented on pull request #2099: String manipulation function concat()
kenhuuu commented on PR #2099: URL: https://github.com/apache/tinkerpop/pull/2099#issuecomment-1638697593 VOTE +1 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [tinkerpop] xiazcy commented on a diff in pull request #2099: String manipulation function concat()
xiazcy commented on code in PR #2099: URL: https://github.com/apache/tinkerpop/pull/2099#discussion_r1265744569 ## gremlin-test/src/main/resources/org/apache/tinkerpop/gremlin/test/features/map/Concat.feature: ## @@ -0,0 +1,213 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +@StepClassMap @StepConcat +Feature: Step - concat() + + @GraphComputerVerificationInjectionNotSupported + Scenario: g_injectXa_bX_concat +Given the empty graph +And the traversal of + """ + g.inject("a", "b").concat() + """ +When iterated to list +Then the result should be unordered + | result | + | a | + | b | + + @GraphComputerVerificationInjectionNotSupported + Scenario: g_injectXa_bX_concat_XcX +Given the empty graph +And the traversal of + """ + g.inject("a", "b").concat("c") + """ +When iterated to list +Then the result should be unordered + | result | + | ac | + | bc | + + @GraphComputerVerificationInjectionNotSupported + Scenario: g_injectXa_bX_concat_Xc_dX +Given the empty graph +And the traversal of + """ + g.inject("a", "b").concat("c", "d") + """ +When iterated to list +Then the result should be unordered + | result | + | acd | + | bcd | + + @GraphComputerVerificationInjectionNotSupported + Scenario: g_injectXa_bX_concat_Xinject_c_dX +Given the empty graph +And the traversal of + """ + g.inject("a", "b").concat(__.inject("c", "d")) + """ +When iterated to list +Then the result should be unordered + | result | + | acda | Review Comment: Updated to ``` | result | | ac | | bd | ``` (see latest comment). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [tinkerpop] vkagamlyk commented on pull request #2099: String manipulation function concat()
vkagamlyk commented on PR #2099: URL: https://github.com/apache/tinkerpop/pull/2099#issuecomment-1638499751 VOTE +1 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [tinkerpop] codecov-commenter commented on pull request #2142: Bump eslint from 8.44.0 to 8.45.0 in /gremlin-javascript/src/main/javascript/gremlin-javascript
codecov-commenter commented on PR #2142: URL: https://github.com/apache/tinkerpop/pull/2142#issuecomment-1638305716 ## [Codecov](https://app.codecov.io/gh/apache/tinkerpop/pull/2142?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) Report > Merging [#2142](https://app.codecov.io/gh/apache/tinkerpop/pull/2142?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (05e5501) into [3.5-dev](https://app.codecov.io/gh/apache/tinkerpop/commit/153331f839b246984b452d5758cee89bd7295442?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (153331f) will **increase** coverage by `0.06%`. > The diff coverage is `n/a`. ```diff @@ Coverage Diff @@ ## 3.5-dev#2142 +/- ## = + Coverage 69.87% 69.93% +0.06% = Files866 24 -842 Lines 41003 3449 -37554 Branches54590-5459 = - Hits 28650 2412 -26238 + Misses 10447 860-9587 + Partials1906 177-1729 ``` [see 842 files with indirect coverage changes](https://app.codecov.io/gh/apache/tinkerpop/pull/2142/indirect-changes?src=pr=tree-more_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[tinkerpop] branch dependabot/npm_and_yarn/gremlin-javascript/src/main/javascript/gremlin-javascript/3.5-dev/eslint-8.45.0 created (now 05e55012dd)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/npm_and_yarn/gremlin-javascript/src/main/javascript/gremlin-javascript/3.5-dev/eslint-8.45.0 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git at 05e55012dd Bump eslint No new revisions were added by this update.
[GitHub] [tinkerpop] dependabot[bot] opened a new pull request, #2142: Bump eslint from 8.44.0 to 8.45.0 in /gremlin-javascript/src/main/javascript/gremlin-javascript
dependabot[bot] opened a new pull request, #2142: URL: https://github.com/apache/tinkerpop/pull/2142 Bumps [eslint](https://github.com/eslint/eslint) from 8.44.0 to 8.45.0. Release notes Sourced from https://github.com/eslint/eslint/releases;>eslint's releases. v8.45.0 Features https://github.com/eslint/eslint/commit/cdd063c388bbfe1781d7a864a832f03a2c1cc277;>cdd063c feat: Expose LegacyESLint in unsupported API (https://redirect.github.com/eslint/eslint/issues/17341;>#17341) (Nicholas C. Zakas) https://github.com/eslint/eslint/commit/d34abe59eb23932dcbc79757d7932d08ee8b20e5;>d34abe5 feat: fix indent rule for else-if (https://redirect.github.com/eslint/eslint/issues/17318;>#17318) (Milos Djermanovic) Bug Fixes https://github.com/eslint/eslint/commit/b79b6fb64473969b426d086b484d2e29594a5e9a;>b79b6fb fix: Fix suggestion message in no-useless-escape (https://redirect.github.com/eslint/eslint/issues/17339;>#17339) (Francesco Trotta) https://github.com/eslint/eslint/commit/c667055fb9da8ebac3a99f6e5a8b5565cc86af8e;>c667055 fix: provide unique fix and fix.range objects in lint messages (https://redirect.github.com/eslint/eslint/issues/17332;>#17332) (Milos Djermanovic) Documentation https://github.com/eslint/eslint/commit/89f3225108c66425e4132f76db6c1ab13aac98d7;>89f3225 docs: add playground links to correct and incorrect code blocks (https://redirect.github.com/eslint/eslint/issues/17306;>#17306) (Josh Goldberg ✨) https://github.com/eslint/eslint/commit/f8892b52920b8967f9e7bec23c75b74e03977d6b;>f8892b5 docs: Expand rule option schema docs (https://redirect.github.com/eslint/eslint/issues/17198;>#17198) (Matt Wilkinson) https://github.com/eslint/eslint/commit/8bcbf11b6050418262ffa8e0ca37f365ae92e7ce;>8bcbf11 docs: Config Migration Guide (https://redirect.github.com/eslint/eslint/issues/17230;>#17230) (Ben Perlmutter) https://github.com/eslint/eslint/commit/bb3090897166dbfd2931a43a70e2a5c1f3fa0a07;>bb30908 docs: Update README (GitHub Actions Bot) https://github.com/eslint/eslint/commit/84d243b245b01b667f0752b592e8bda02a9aa2b1;>84d243b docs: Update README (GitHub Actions Bot) https://github.com/eslint/eslint/commit/b762632298f20c4f81e7d01ab850c3f5e3874637;>b762632 docs: Update README (GitHub Actions Bot) https://github.com/eslint/eslint/commit/138c096bc9468b553dbafc0e573c6522a17a7922;>138c096 docs: add more prefer-destructuring examples with array destructuring (https://redirect.github.com/eslint/eslint/issues/17330;>#17330) (Milos Djermanovic) https://github.com/eslint/eslint/commit/1fc50a89753346f4f4c786ffd20ac4cf185bb036;>1fc50a8 docs: max-len rule code and tabWidth as positional arguments (https://redirect.github.com/eslint/eslint/issues/17331;>#17331) (Jesús Leganés-Combarro) Chores https://github.com/eslint/eslint/commit/68f63d76ce785fab4f42b76f1599026eea379bf7;>68f63d7 chore: package.json update for @eslint/js release (ESLint Jenkins) https://github.com/eslint/eslint/commit/5ca9b4d29f747e9cf5c9055e85c93b3b605d57fc;>5ca9b4d chore: update eslint-config-eslint exports (https://redirect.github.com/eslint/eslint/issues/17336;>#17336) (Milos Djermanovic) https://github.com/eslint/eslint/commit/7bf2e86022c9e95db4ca1472fddfa2ea4edd1870;>7bf2e86 chore: remove unused dependencies (https://redirect.github.com/eslint/eslint/issues/17352;>#17352) (Percy Ma) https://github.com/eslint/eslint/commit/c6f8cd0d62e4a3c314c6860ff367490bbd05325a;>c6f8cd0 chore: Remove defaultIgnores from FlatESLint private members (https://redirect.github.com/eslint/eslint/issues/17349;>#17349) (Francesco Trotta) https://github.com/eslint/eslint/commit/0052374035672efe9129343fc00ee51a4c288ff3;>0052374 chore: move jsdoc settings to eslint-config-eslint (https://redirect.github.com/eslint/eslint/issues/17338;>#17338) (唯然) Changelog Sourced from https://github.com/eslint/eslint/blob/main/CHANGELOG.md;>eslint's changelog. v8.45.0 - July 14, 2023 https://github.com/eslint/eslint/commit/68f63d76ce785fab4f42b76f1599026eea379bf7;>68f63d7 chore: package.json update for @eslint/js release (ESLint Jenkins) https://github.com/eslint/eslint/commit/89f3225108c66425e4132f76db6c1ab13aac98d7;>89f3225 docs: add playground links to correct and incorrect code blocks (https://redirect.github.com/eslint/eslint/issues/17306;>#17306) (Josh Goldberg ✨) https://github.com/eslint/eslint/commit/f8892b52920b8967f9e7bec23c75b74e03977d6b;>f8892b5 docs: Expand rule option schema docs (https://redirect.github.com/eslint/eslint/issues/17198;>#17198) (Matt Wilkinson) https://github.com/eslint/eslint/commit/8bcbf11b6050418262ffa8e0ca37f365ae92e7ce;>8bcbf11 docs: Config Migration Guide (https://redirect.github.com/eslint/eslint/issues/17230;>#17230) (Ben Perlmutter) https://github.com/eslint/eslint/commit/bb3090897166dbfd2931a43a70e2a5c1f3fa0a07;>bb30908 docs: Update README
[tinkerpop] branch dependabot/maven/3.5-dev/com.fasterxml.jackson.core-jackson-databind-2.15.2 created (now 96580f94c5)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/maven/3.5-dev/com.fasterxml.jackson.core-jackson-databind-2.15.2 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git at 96580f94c5 Bump jackson-databind from 2.10.0 to 2.15.2 No new revisions were added by this update.
[GitHub] [tinkerpop] dependabot[bot] opened a new pull request, #2140: Bump docker-maven-plugin from 0.42.0 to 0.43.0
dependabot[bot] opened a new pull request, #2140: URL: https://github.com/apache/tinkerpop/pull/2140 Bumps [docker-maven-plugin](https://github.com/fabric8io/docker-maven-plugin) from 0.42.0 to 0.43.0. Release notes Sourced from https://github.com/fabric8io/docker-maven-plugin/releases;>docker-maven-plugin's releases. 0.43.0 (2023-05-20) Make buildx build single non-native platform if requested (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1665;>1665) https://github.com/martyvona;>@martyvona Support for buildx option to disable attestations (https://redirect.github.com/fabric8io/docker-maven-plugin/issues/1661;>1661) https://github.com/chonton;>@chonton 0.42.1 (2023-04-06) Update Jnr Jffi dependency to v1.3.11 (https://redirect.github.com/fabric8io/docker-maven-plugin/issues/1660;>1660) https://github.com/rohanKanojia;>@rohanKanojia Update run platform documentation (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1652;>1652) https://github.com/chonton;>@chonton buildx should split platforms by comma as documented (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1651;>1651) https://github.com/chonton;>@chonton Changelog Sourced from https://github.com/fabric8io/docker-maven-plugin/blob/master/doc/changelog.md;>docker-maven-plugin's changelog. ChangeLog 0.44-SNAPSHOT: 0.43.0 (2023-05-20): Make buildx build single non-native platform if requested (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1665;>1665) https://github.com/martyvona;>@martyvona Support for buildx option to disable attestations (https://redirect.github.com/fabric8io/docker-maven-plugin/issues/1661;>1661) https://github.com/chonton;>@chonton 0.42.1 (2023-04-06): Update Jnr Jffi dependency to v1.3.11 (https://redirect.github.com/fabric8io/docker-maven-plugin/issues/1660;>1660) https://github.com/rohanKanojia;>@rohanKanojia Update run platform documentation (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1652;>1652) https://github.com/chonton;>@chonton buildx should split platforms by comma as documented (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1651;>1651) https://github.com/chonton;>@chonton 0.42.0 (2023-02-28): Support docker run --platform (https://redirect.github.com/fabric8io/docker-maven-plugin/issues/1641;>1641) https://github.com/chonton;>@chonton Update buildx documentation to amplify the build behavior (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1646;>1646) https://github.com/chonton;>@chonton Default to native platform when creating container (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1645;>1645) https://github.com/chonton;>@chonton JIB ignores the DOCKER_REGISTRY environment variable (https://redirect.github.com/fabric8io/docker-maven-plugin/issues/1617;>1617) https://github.com/rohanKanojia;>@rohanKanojia 0.41.0 (2023-02-06): multi-arch build should use provided repository (https://redirect.github.com/fabric8io/docker-maven-plugin/issues/1597;>1597) https://github.com/merikan;>@merikan new property docker.build.network to override the network for RUN directives for docker build (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1636;>1636) https://github.com/tulinkry;>@tulinkry Update Jib Core to v0.23.0 (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1637;>1637) https://github.com/rohanKanojia;>@rohanKanojia Update JNR UnixSocket to v0.38.19 (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1638;>1638) 0.40.3 (2022-12-18): image/squash option is taken into account when using buildx (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1605;>1605) https://github.com/kevinleturc;>@kevinleturc Allow having build args with same name but different value in various sources, which are overriden in the order of precedence in resulting build args map (https://redirect.github.com/fabric8io/docker-maven-plugin/issues/1407;>1407) https://github.com/pavelsmolensky;>@pavelsmolensky Use double for docker.cpus property and interpret this value in the same way as Docker config option --cpus (https://redirect.github.com/fabric8io/docker-maven-plugin/pull/1609;>1609) https://github.com/vjuranek;>@vjuranek NPE from Assembly plugin when POM packaging is used (https://redirect.github.com/fabric8io/docker-maven-plugin/issues/1146;>1146) https://github.com/slawekjaranowski;>@slawekjaranowski Docker pulling progress only shown after pull has completed and not in real-time (https://redirect.github.com/fabric8io/docker-maven-plugin/issues/1598;>1598) https://github.com/causalnet;>@causalnet Bump org.yaml:snakeyaml to v1.32
[tinkerpop] branch dependabot/maven/3.5-dev/io.fabric8-docker-maven-plugin-0.43.0 created (now 1856854678)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/maven/3.5-dev/io.fabric8-docker-maven-plugin-0.43.0 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git at 1856854678 Bump docker-maven-plugin from 0.42.0 to 0.43.0 No new revisions were added by this update.
[GitHub] [tinkerpop] dependabot[bot] opened a new pull request, #2141: Bump jackson-databind from 2.10.0 to 2.15.2
dependabot[bot] opened a new pull request, #2141: URL: https://github.com/apache/tinkerpop/pull/2141 Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.10.0 to 2.15.2. Commits See full diff in https://github.com/FasterXML/jackson/commits;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind=maven=2.10.0=2.15.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org