You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kyuubi.apache.org by ya...@apache.org on 2021/10/19 05:17:56 UTC

[incubator-kyuubi] branch master updated: [KYUUBI #1251] Bump bcprov-jdk15on from 1.60 to 1.67

This is an automated email from the ASF dual-hosted git repository.

yao pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-kyuubi.git


The following commit(s) were added to refs/heads/master by this push:
     new 78399ca  [KYUUBI #1251] Bump bcprov-jdk15on from 1.60 to 1.67
78399ca is described below

commit 78399caef5319b7ddd3fb890838f23d052b58a0b
Author: dependabot[bot] <49...@users.noreply.github.com>
AuthorDate: Tue Oct 19 13:17:48 2021 +0800

    [KYUUBI #1251] Bump bcprov-jdk15on from 1.60 to 1.67
    
    Bumps [bcprov-jdk15on](https://github.com/bcgit/bc-java) from 1.60 to 1.67.
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/bcgit/bc-java/blob/master/docs/releasenotes.html">bcprov-jdk15on's changelog</a>.</em></p>
    <blockquote>
    <!-- raw HTML omitted -->
    <!-- raw HTML omitted -->
    <!-- raw HTML omitted -->
    <p><!-- raw HTML omitted --><!-- raw HTML omitted -->2.1.1 Version<!-- raw HTML omitted --><!-- raw HTML omitted -->
    Release: 1.70<!-- raw HTML omitted -->
    Date:      TBD</p>
    <!-- raw HTML omitted -->
    <p><!-- raw HTML omitted --><!-- raw HTML omitted -->2.2.1 Version<!-- raw HTML omitted --><!-- raw HTML omitted -->
    Release: 1.69<!-- raw HTML omitted -->
    Date:      2021, June 7th.</p>
    <!-- raw HTML omitted -->
    </blockquote>
    <p>... (truncated)</p>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li>See full diff in <a href="https://github.com/bcgit/bc-java/commits">compare view</a></li>
    </ul>
    </details>
    <br />
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.bouncycastle:bcprov-jdk15on&package-manager=maven&previous-version=1.60&new-version=1.67)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `dependabot rebase` will rebase this PR
    - `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `dependabot merge` will merge this PR after your CI passes on it
    - `dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `dependabot reopen` will reopen this PR if it is closed
    - `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    - `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
    - `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
    - `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
    - `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
    
    You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/incubator-kyuubi/network/alerts).
    
    </details>
    
    Closes #1251 from dependabot[bot]/dependabot/maven/org.bouncycastle-bcprov-jdk15on-1.67.
    
    Closes #1251
    
    1f0c353f [dependabot[bot]] Bump bcprov-jdk15on from 1.60 to 1.67
    
    Authored-by: dependabot[bot] <49...@users.noreply.github.com>
    Signed-off-by: Kent Yao <ya...@apache.org>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index cb9e245..14bdd72 100644
--- a/pom.xml
+++ b/pom.xml
@@ -88,7 +88,7 @@
         <scala.binary.version>2.12</scala.binary.version>
 
         <antlr4.version>4.8</antlr4.version>
-        <bouncycastle.version>1.60</bouncycastle.version>
+        <bouncycastle.version>1.67</bouncycastle.version>
         <codahale.metrics.version>4.1.1</codahale.metrics.version>
         <commons-codec.version>1.15</commons-codec.version>
         <commons-collections.version>3.2.2</commons-collections.version>