You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@karaf.apache.org by "dependabot[bot] (via GitHub)" <gi...@apache.org> on 2023/04/14 20:47:20 UTC
[GitHub] [karaf-webconsole] dependabot[bot] opened a new pull request, #3: Bump scala-compiler from 2.9.1 to 2.10.7
dependabot[bot] opened a new pull request, #3:
URL: https://github.com/apache/karaf-webconsole/pull/3
Bumps [scala-compiler](https://github.com/scala/scala) from 2.9.1 to 2.10.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/scala/scala/releases">scala-compiler's releases</a>.</em></p>
<blockquote>
<p>Scala 2.10.7 is a maintenance release to bring (partial) Java 9 support to the sbt 0.13 series. A total of <a href="https://github.com/scala/scala/pulls?q=milestone%3A2.10.7+is%3Amerged">three pending backports</a> were merged.</p>
<p>This release addresses (<a href="https://redirect.github.com/scala/scala/issues/6128">#6128</a>) a <a href="http://scala-lang.org/news/security-update-nov17.html"><strong>privilege escalation vulnerability</strong></a> that was identified in the Scala compilation daemon <em>CVE-2017-15288</em>.</p>
<p>We strongly encourage you to upgrade to the latest stable version of Scala 2.12.x, as the 2.10.x series is no longer actively maintained.</p>
<p>There is a <a href="https://redirect.github.com/scala/bug/issues/10603">known bug on Java 9 involving the repl</a>: the workaround is to launch it as <code>scala -nobootcp</code>.</p>
<p>More information about the Scala 2.10 series is available in the <a href="https://github.com/scala/scala/releases/v2.10.4">release notes for Scala 2.10.4</a>. A few more bugs were fixed since then in <a href="https://github.com/scala/bug/milestone/80?closed=1">2.10.5</a>.</p>
<p>Scala 2.10.6 <a href="https://redirect.github.com/scala/scala/pull/4557">resolves a license incompatibility in scala.util.Sorting</a>, but is otherwise identical to Scala 2.10.5. A total of <a href="https://github.com/scala/scala/pulls?q=milestone%3A2.10.6+is%3Aclosed">three pending backports</a> were merged.</p>
<p>We strongly encourage you to upgrade to the latest stable version of Scala 2.11.x, as the 2.10.x series is no longer actively maintained.</p>
<h3>Scala IDE</h3>
<p>The current release of Scala IDE supports any 2.10.x release, and is available on the <a href="http://scala-ide.org/download/sdk.html">download site</a>.</p>
<h3>Release Notes for the Scala 2.10 Series</h3>
<p>The release notes for the Scala 2.10 series, which also apply to the current minor release, are available in the <a href="http://scala-lang.org/news/2.10.4">release notes for Scala 2.10.4</a>. They contain important information such as:</p>
<ul>
<li>The specification of binary compatibility between minor releases.</li>
<li>Details on new features, important changes and deprecations in Scala 2.10.</li>
</ul>
<h2>Scala 2.10.4</h2>
<p>The release is available for download from <a href="http://scala-lang.org/download/2.10.4.html">scala-lang.org</a> or from <a href="http://search.maven.org/#search%7Cga%7C1%7Cg%3Aorg.scala-lang%20AND%20v%3A2.10.4">Maven Central</a>.</p>
<h3>Scala IDE for Eclipse</h3>
<p>The Scala IDE with this release built right in is available through the following update-site for Eclipse 4.2/4.3 (Juno/Kepler):</p>
<ul>
<li>Development version (Scala IDE 3.0.3-rc3 on Scala 2.10.4)</li>
<li>Stable version (will have 2.10.4 as soon as Scala IDE 3.0.3-vfinal is released)</li>
</ul>
<p>Have a look at the <a href="http://scala-ide.org/docs/user/gettingstarted.html">getting started guide</a> for more info.</p>
<h3>New features in the 2.10 series</h3>
<p>Since 2.10.4 is strictly a bug-fix release, here's an overview of the most prominent new features and improvements as introduced in 2.10.0:</p>
<ul>
<li>Value Classes
<ul>
<li>A class may now extend <code>AnyVal</code> to make it behave like a struct type (restrictions apply).</li>
<li><a href="http://docs.scala-lang.org/overviews/core/value-classes.html">http://docs.scala-lang.org/overviews/core/value-classes.html</a></li>
</ul>
</li>
<li>Implicit Classes
<ul>
<li>The implicit modifier now also applies to class definitions to reduce the boilerplate of implicit wrappers.</li>
<li><a href="http://docs.scala-lang.org/sips/pending/implicit-classes.html">http://docs.scala-lang.org/sips/pending/implicit-classes.html</a></li>
</ul>
</li>
<li>String Interpolation
<ul>
<li><code>val what = "awesome"; println(s"string interpolation is ${what.toUpperCase}!")</code></li>
<li><a href="http://docs.scala-lang.org/overviews/core/string-interpolation.html">http://docs.scala-lang.org/overviews/core/string-interpolation.html</a></li>
</ul>
</li>
<li>Futures and Promises
<ul>
<li>Asynchronously get some JSON: <code>for (req <- WS.url(restApiUrl).get()) yield (req.json \ "users").as[List[User]]</code> (uses play!)</li>
<li><a href="http://docs.scala-lang.org/overviews/core/futures.html">http://docs.scala-lang.org/overviews/core/futures.html</a></li>
</ul>
</li>
<li>Dynamic and applyDynamic</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/scala/scala/commit/89e57bc7ad4a1809864b637617456736fd7b8101"><code>89e57bc</code></a> Merge pull request <a href="https://redirect.github.com/scala/scala/issues/6113">#6113</a> from retronym/backport/reflection</li>
<li><a href="https://github.com/scala/scala/commit/4b848761c3791b161c43ee80feb4c0c03d7a5dd7"><code>4b84876</code></a> Move ASM sources back to the original location</li>
<li><a href="https://github.com/scala/scala/commit/2ae75e97db0857f0babbfc7cfee0dbd32baec2f0"><code>2ae75e9</code></a> Fixup cherrypick of test case</li>
<li><a href="https://github.com/scala/scala/commit/7e1a4b94ad5a7fc251424a1caed7bf9009e39599"><code>7e1a4b9</code></a> Add MiMa whitelist entries</li>
<li><a href="https://github.com/scala/scala/commit/efbd9d582fdf6a31dd1f6c02ec1c997213057ca1"><code>efbd9d5</code></a> Limit use of java file manager to JDK 9</li>
<li><a href="https://github.com/scala/scala/commit/cd366472f0abb27e0dcc4b91595047863fdbf5fc"><code>cd36647</code></a> Static calls to interfaces are only allowed with 1.8 classfiles</li>
<li><a href="https://github.com/scala/scala/commit/69b79ba971ae1c8415da372432f55368617d1f2d"><code>69b79ba</code></a> Support -target:jvm1.8, needed to call static methods on Java interfaces</li>
<li><a href="https://github.com/scala/scala/commit/c3d8750f4da48186d259fd2aa3f5f3da21805047"><code>c3d8750</code></a> Update to scala-asm v5.2.0-scala-2</li>
<li><a href="https://github.com/scala/scala/commit/9ad4757f28ceb84ba07c429f55e5dda8b6e911e9"><code>9ad4757</code></a> [backport] SI-9393 fix modifiers of Java annotations</li>
<li><a href="https://github.com/scala/scala/commit/ac0c3fcdfb2fdb176feee73197688c458f26afbc"><code>ac0c3fc</code></a> Backport suport for Java 9 platform classpath</li>
<li>Additional commits viewable in <a href="https://github.com/scala/scala/compare/v2.9.1...v2.10.7">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/karaf-webconsole/network/alerts).
</details>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscribe@karaf.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org