Bump jackson.version from 2.15.3 to 2.16.0 #1760

dependabot · 2023-11-16T04:50:36Z

Bumps jackson.version from 2.15.3 to 2.16.0.
Updates com.fasterxml.jackson.core:jackson-core from 2.15.3 to 2.16.0

Commits

2af46f1 [maven-release-plugin] prepare release jackson-core-2.16.0
6f337da Prepare for 2.16.0 release
1cfb490 Make JacksonFeatureSet java.io.Serializable
f878f33 Update release notes wrt #1136
a0c853a Change error mesage to mention -INF (#1136)
2d137d8 Bump the github-actions group with 2 updates (#1134)
ce0e92e Add missing name-length check in a test
97030b9 Merge branch '2.16' of github.com:FasterXML/jackson-core into 2.16
3e1cbb9 Unit test cleanup
69712d8 Maximum Property name length affects input/read (#1130)
Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.15.3 to 2.16.0

Commits

See full diff in compare view

Updates com.fasterxml.jackson.core:jackson-annotations from 2.15.3 to 2.16.0

Commits

See full diff in compare view

Updates com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.15.3 to 2.16.0

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-xml from 2.15.3 to 2.16.0

Commits

fe6ffce [maven-release-plugin] prepare release jackson-dataformat-xml-2.16.0
f265cbb Prepare for 2.16.0 release
34cd570 Back to snapshot dep
ad8b5f8 [maven-release-plugin] prepare for next development iteration
7639c87 [maven-release-plugin] prepare release jackson-dataformat-xml-2.16.0-rc1
d795d24 Prepare for 2.16.0-rc1 release
bba471a Add OpenSSF Score badge
177beb2 Remove maven wrapper jar
bc0adc2 Create reproducer test case for #509 (#604)
36459c6 Prepare for 2.16.0-rc1
Additional commits viewable in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-yaml from 2.15.3 to 2.16.0

Commits

89c9cb5 [maven-release-plugin] prepare release jackson-dataformats-text-2.16.0
8b0bf6c Prepare for 2.16.0 release
f1a2803 Back to snapshot deps
5a433fc [maven-release-plugin] prepare for next development iteration
b2a3d9a [maven-release-plugin] prepare release jackson-dataformats-text-2.16.0-rc1
e3dbdb0 Prepare for 2.16.0-rc1 release
74461cf Enable JDK 21 for CI java matrix
90a2f8c Fix #198: add CsvGenerator.Feature.ALWAYS_QUOTE_NUMBERS (#440)
f8bd56b Fix #438: prevent quoting of BigInteger/BigDecimal when not expected (#439)
56686c8 Update release notes
Additional commits viewable in compare view

Updates com.fasterxml.jackson.dataformat:jackson-module-jaxb-annotations from 2.15.3 to 2.16.0

Updates com.fasterxml.jackson.module:jackson-module-jaxb-annotations from 2.15.3 to 2.16.0

Commits

8aec482 [maven-release-plugin] prepare release jackson-modules-base-2.16.0
56bc483 Prepare for 2.16.0 release
cd40fa8 Merge pull request #230 from eranl/2.16
6dc7604 Updated doc.
1b501f2 Minor test improvement to android module
ef85387 Update release notes wrt #227
40ec12c Merge pull request #227 from eranl/2.16
cc269c5 Updated doc.
102e00b Addressed review comments
d6c4b7d Add jackson-core dependency, animal-sniffer-maven-plugin, per review comments
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dadoonet · 2023-12-12T12:02:18Z

@dependabot rebase

Bumps `jackson.version` from 2.15.3 to 2.16.0. Updates `com.fasterxml.jackson.core:jackson-core` from 2.15.3 to 2.16.0 - [Release notes](https://github.com/FasterXML/jackson-core/releases) - [Commits](FasterXML/jackson-core@jackson-core-2.15.3...jackson-core-2.16.0) Updates `com.fasterxml.jackson.core:jackson-databind` from 2.15.3 to 2.16.0 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.15.3 to 2.16.0 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.datatype:jackson-datatype-jsr310` from 2.15.3 to 2.16.0 Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-xml` from 2.15.3 to 2.16.0 - [Commits](FasterXML/jackson-dataformat-xml@jackson-dataformat-xml-2.15.3...jackson-dataformat-xml-2.16.0) Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-yaml` from 2.15.3 to 2.16.0 - [Commits](FasterXML/jackson-dataformats-text@jackson-dataformats-text-2.15.3...jackson-dataformats-text-2.16.0) Updates `com.fasterxml.jackson.dataformat:jackson-module-jaxb-annotations` from 2.15.3 to 2.16.0 Updates `com.fasterxml.jackson.module:jackson-module-jaxb-annotations` from 2.15.3 to 2.16.0 - [Commits](FasterXML/jackson-modules-base@jackson-modules-base-2.15.3...jackson-modules-base-2.16.0) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.core:jackson-annotations dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-jsr310 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-xml dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-yaml dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.dataformat:jackson-module-jaxb-annotations dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.module:jackson-module-jaxb-annotations dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

sonarcloud · 2023-12-12T12:03:33Z

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication

We are upgrading: * Elasticsearch 8.11.3 * Elasticsearch 7.17.16 * Jackson 2.16.0 Removing explict transiting dependencies: * slf4j 2.0.9 * commons-logging 1.3.0 * commons-codec 1.16.0 * snakeyaml 2.2 * httpclient 4.5.14 * httpasyncclient 4.1.5 * httpcore 4.4.16 * httpcore-nio 4.4.16 * httpmime 4.4.16 * woodstox-core 6.5.1 * sqlite-jdbc 3.44.1.0 * jna 5.14.0 * quartz 2.3.2 * jsoup 1.17.1 * jdom2 2.0.6.1 * jersey-common 3.1.5 * jakarta.annotation-api 2.1.1 * bcprov-jdk15on 1.70 * websocket-client 9.4.53.v20231009 Remove the CVE check ignore for CVE-2022-1471 Closes #1760

dependabot · 2023-12-19T11:14:01Z

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot bot added the update When updating an existing feature label Nov 16, 2023

dependabot bot requested a review from dadoonet November 16, 2023 04:50

dependabot bot assigned dadoonet Nov 16, 2023

dependabot bot added this to the 2.10 milestone Nov 16, 2023

dependabot bot force-pushed the dependabot/maven/jackson.version-2.16.0 branch from e24990b to bc7a829 Compare December 12, 2023 12:02

dadoonet mentioned this pull request Dec 19, 2023

Fix transitive dependencies and outdated libs #1788

Merged

dadoonet closed this in #1788 Dec 19, 2023

dependabot bot deleted the dependabot/maven/jackson.version-2.16.0 branch December 19, 2023 11:14

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump jackson.version from 2.15.3 to 2.16.0 #1760

Bump jackson.version from 2.15.3 to 2.16.0 #1760

dependabot bot commented on behalf of github Nov 16, 2023 •

edited

Loading

dadoonet commented Dec 12, 2023

sonarcloud bot commented Dec 12, 2023

dependabot bot commented on behalf of github Dec 19, 2023

Bump jackson.version from 2.15.3 to 2.16.0 #1760

Bump jackson.version from 2.15.3 to 2.16.0 #1760

Conversation

dependabot bot commented on behalf of github Nov 16, 2023 • edited Loading

dadoonet commented Dec 12, 2023

sonarcloud bot commented Dec 12, 2023

dependabot bot commented on behalf of github Dec 19, 2023

dependabot bot commented on behalf of github Nov 16, 2023 •

edited

Loading