Skip to content

Bump the maven group across 1 directory with 3 updates #21

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the maven group across 1 directory with 3 updates #21

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 28, 2025

Bumps the maven group with 3 updates in the / directory: com.google.protobuf:protobuf-java, ch.qos.logback:logback-core and org.apache.kafka:kafka-clients.

Updates com.google.protobuf:protobuf-java from 3.25.5 to 4.30.2

Commits
  • 43e1626 Updating version.json and repo version numbers to: 30.2
  • 7a4c63b Fix lite classes in the protobuf-java Maven release to be JDK8 compatible. (#...
  • 7831669 Remove dllexport attribute on variable definition. (#20833)
  • da9cadc Restore JDK8 compatibility in Bazel for libraries with dependencies from Mave...
  • 09b5078 Add protobuf_maven artifacts to protobuf_maven_dev as well so they can still ...
  • b7f06f1 Add volatile to featuresResolved (#20766)
  • b69f653 Restore generator headers in cmake install until the next breaking C++ releas...
  • f4b0a79 Restore custom protobuf maven namespaces to avoid polluting main maven namesp...
  • 2dc9f35 Fix Java concurrency issue in feature resolution for old <=3.25.x gencode usi...
  • 221b2a0 Change how we decide which empty string implementation to use. (#20708)
  • Additional commits viewable in compare view

Updates ch.qos.logback:logback-core from 1.5.13 to 1.5.18

Release notes

Sourced from ch.qos.logback:logback-core's releases.

Logback 1.5.18

2025-03-18 Release of logback version 1.5.18

• Added support for XZ compression for archived log files. Note that XZ compression requires Tukaani project's XZ library for Java. In case XZ compression is requested but the XZ library is missing, then logback will substitute GZ compression as a fallback. This feature was requested in issues/755.

• Removed references to java.security.AccessController class. This class has been deprecated for some time and is slated for removal in future JDK versions.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit b2a02f065379a9b1ba5ff837fc08913b744774bc associated with the tag v_1.5.18. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.17

2025-02-25 Release of logback version 1.5.17

• Fixed Jansi 2.4.0 color-coded output not working on Windows CMD.exe console when the default terminal application is set to "Windows Console Host". This problem was reported in issues/753 by Michael Lyubkin.

• Fixed race condition occurring in case MDC class is initialized while org.slf4j.LoggerFactory is initializing logback-classic's LoggerContext. When this race conditions occurs, the MDCAdapter instance used by MDC does not match the instance used by logback-classic. This issue was reported in SLF4J issues/450. While logback-classic version 1.5.17 remains compatible with SLF4J versions in the 2.0.x series, fixing this particular MDC issue requires SLF4J version 2.0.17.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 10358724ed723b3745c010aa40cb02a2dfed4593 associated with the tag v_1.5.17. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.16

2025-01-05 Release of logback version 1.5.16

• In order to ease the migration of configuration files depending on JaninoEventEvaluator, logback-classic will emit a warning about the removal of JaninoEventEvaluator in version 1.5.13 and suggest an online migration tool.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 74c9ebd0e784d9e9ffc6c627cf5016d0157956b2 associated with the tag v_1.5.16. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits
  • b2a02f0 prepare release 1.5.18
  • 991de58 remove references to AccessController marked for deletion in the JDK
  • f54ab16 If compression mode is XZ but the XZ library is missing, then fallback to GZ ...
  • fb45971 add support for XZ compression
  • 31c1f55 add xz compression support with tests
  • 8968d0f introduce strategy based compression
  • 834059c start work on 1.5.18-SNAPSHOT
  • 1035872 prepare release 1.5.17
  • 2e6984d bump to slf4j version 2.0.17
  • 1009952 use a new LoggerContert instance when running LogbackListenerTest. This shoul...
  • Additional commits viewable in compare view

Updates org.apache.kafka:kafka-clients from 3.7.1 to 4.0.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the maven group across 1 directory with 3 updates
419cf86 
Bumps the maven group with 3 updates in the / directory: [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf), [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) and org.apache.kafka:kafka-clients.


Updates `com.google.protobuf:protobuf-java` from 3.25.5 to 4.30.2
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl)
- [Commits](protocolbuffers/protobuf@v3.25.5...v4.30.2)

Updates `ch.qos.logback:logback-core` from 1.5.13 to 1.5.18
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.5.13...v_1.5.18)

Updates `org.apache.kafka:kafka-clients` from 3.7.1 to 4.0.0

---
updated-dependencies:
- dependency-name: com.google.protobuf:protobuf-java
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: ch.qos.logback:logback-core
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: org.apache.kafka:kafka-clients
  dependency-type: direct:production
  dependency-group: maven
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Mar 28, 2025
@vercel
Copy link

vercel bot commented Mar 28, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
scaleguard ✅ Ready (Inspect) Visit Preview 💬 Add feedback Mar 28, 2025 5:52am

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant