[GitHub] [ant] dependabot[bot] opened a new pull request, #189: Bump xercesImpl from 2.12.0 to 2.12.2 in /src/etc/poms/ant
dependabot[bot] opened a new pull request, #189: URL: https://github.com/apache/ant/pull/189 Bumps xercesImpl from 2.12.0 to 2.12.2. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/ant/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@ant.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@ant.apache.org For additional commands, e-mail: dev-h...@ant.apache.org
[GitHub] [ant] dependabot[bot] opened a new pull request, #188: Bump xercesImpl from 2.12.0 to 2.12.2 in /src/etc/poms/ant-junit
dependabot[bot] opened a new pull request, #188: URL: https://github.com/apache/ant/pull/188 Bumps xercesImpl from 2.12.0 to 2.12.2. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/ant/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@ant.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@ant.apache.org For additional commands, e-mail: dev-h...@ant.apache.org
JDK 19 - Virtual Threads Testing!
Welcome to a new Quality Outreach update! This time, we have one update but a major one: JEP 425 (Virtual Threads preview) has been integrated into the OpenJDK mainline! JDK 19 Early-Access builds 22 are the first mainline builds with Virtual Threads (preview) support. So, Project Loom is now getting closer and closer! Please make sure to check the Heads-up below even if you don’t intend to use virtual threads in the short future. ## Heads-up - JEP 425 Virtual Threads (preview) testing The goal of Project Loom is to introduce in the Java platform an easy-to-use, high-throughput lightweight concurrency model, and a related new concurrent programming model. Developed in Project Loom, JEP 425 introduces virtual threads to the Java Platform. Virtual threads are lightweight threads that dramatically reduce the effort of writing, maintaining, and observing high-throughput concurrent applications. Note that virtual threads are a preview API in JDK 19. Please make sure to read 'JEP 425: Virtual Threads (Preview)' for a detailed explanation. A lot of testing has already been done but we are asking, once again, your help to test your project(s) with the latest JDK 19 Early-Access builds, even if you don’t intend to use virtual threads any time soon. There are two approaches to test your project: 1. Update your code to use virtual threads …or 2. Simply test your existing unchanged code with the preview feature enabled. Both approaches should yield valuable feedback. If you choose to adapt your application to use virtual threads (cf. JavaDoc [2]), be aware that in some cases it’s not just about updating your code to use virtual threads instead of platform threads; there are some additional considerations. For example, virtual threads shouldn’t be pooled [3], code that relies heavily on thread locals [4] will require some work to move to a world where there is a new thread for each task, etc. Given that are some minor behavior changes and that `ThreadGroup` has been degraded, testing your code as-is, i.e., without using virtual threads but with the preview feature enabled at runtime, will also be useful. For more details, please check 'JEP 425 - Risks and Assumptions' [5]. One difference between to the EA builds published by Project Loom and the latest JDK 19 EA builds is that the `--enable-preview` flag is required at run-time to use the new APIs. It’s not possible to use the APIs with core reflection to avoid the need for `--enable-preview`. Finally, some tools especially tools relying on JVM TI agents might not be fully ready for virtual threads. Your help testing this important update is greatly appreciated, all feedback should be sent to the 'loom-dev' mailing list [6]. [1] https://openjdk.java.net/jeps/425 [2] https://download.java.net/java/early_access/jdk19/docs/api/java.base/java/lang/Thread.html [3] https://openjdk.java.net/jeps/425#Do-not-pool-virtual-threads [4] https://openjdk.java.net/jeps/425#Thread-local-variables [5] https://openjdk.java.net/jeps/425#Risks-and-Assumptions [6] https://mail.openjdk.java.net/pipermail/loom-dev/ ## JDK 19 Early-Access builds JDK 19 Early-Access builds 22 are now available [7], and are provided under the GNU General Public License v2, with the Classpath Exception. Make sure to check the Release Notes [8] and the JavaDoc [9]. [7] https://jdk.java.net/19/ [8] https://jdk.java.net/19/release-notes [9] https://download.java.net/java/early_access/jdk19/docs/ ### Current JDK 19 JEPs - 405: Record Patterns (Preview) - Proposed to target - 422: Linux/RISC-V Port - Integrated - 424: Foreign Function & Memory API (Preview) - Integrated - 425: Virtual Threads (Preview) - Integrated - 426: Vector API (4th Incubator) - Targeted - 427: Pattern Matching for switch (3rd Preview) - Targeted ### Recent changes that may be of interest: Build 22: - JDK-8284161: Implementation of Virtual Threads (Preview) - JDK-8285947: Avoid redundant HashMap.containsKey calls in ZoneName - JDK-8212136: Remove finalizer implementation in SSLSocketImpl - JDK-8285872: JFR: Remove finalize() methods - JDK-8285914: AppCDS crash when using shared archive with old class file - JDK-8286163: micro-optimize Instant.plusSeconds - JDK-8282420: JFR: Remove event handlers - JDK-8282559: Allow multiple search terms in javadoc search Build 21: - JDK-822: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms - JDK-8278370: [win] Disable side-by-side installations of multiple JDK updates in Windows JDK installers - JDK-8281010: [macos] Disable side-by-side installations of multiple JDK updates in macOS JDK installers - JDK-8236128: Allow jpackage create installers for services - JDK-8279598: provide adapter from RandomGenerator to Random Build 20: - JDK-8284553: Deprecate the DEFAULT static field of OAEPParameterSpec - JDK-8283620: System.out does not use the encoding/charset specified in the Javadoc - JDK-8285445: Enable Windows Alternate Data Streams
