You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "dependabot[bot] (via GitHub)" <gi...@apache.org> on 2023/04/20 23:04:22 UTC

[GitHub] [directory-server] dependabot[bot] opened a new pull request, #70: Bump caffeine from 2.9.3 to 3.1.6

dependabot[bot] opened a new pull request, #70:
URL: https://github.com/apache/directory-server/pull/70

   Bumps [caffeine](https://github.com/ben-manes/caffeine) from 2.9.3 to 3.1.6.
   <details>
   <summary>Release notes</summary>
   <p><em>Sourced from <a href="https://github.com/ben-manes/caffeine/releases">caffeine's releases</a>.</em></p>
   <blockquote>
   <h2>3.1.6</h2>
   <ul>
   <li>Fixed the log message when a key's equality has changed and corrupted the underlying map (<a href="https://redirect.github.com/ben-manes/caffeine/issues/900">#900</a>, <a href="https://jira.qos.ch/browse/SLF4J-529">SLF4J-529</a>)</li>
   <li>Added <code>Implementation-Version</code> and other <code>MANIFEST.MF</code> attributes (<a href="https://redirect.github.com/ben-manes/caffeine/issues/889">#889</a>)</li>
   </ul>
   <h2>3.1.5</h2>
   <p>Cache</p>
   <ul>
   <li>Fixed <code>clear()</code> removing a key more than once due to a write-back removal listener (<a href="https://redirect.github.com/ben-manes/caffeine/issues/872">#872</a>)</li>
   </ul>
   <p>JCache</p>
   <ul>
   <li>Added support for loading the configuration from the cache manager's uri (<a href="https://redirect.github.com/ben-manes/caffeine/issues/877">#877</a>)</li>
   </ul>
   <h2>3.1.4</h2>
   <p>Added <a href="https://errorprone.info/bugpattern/CheckReturnValue"><code>@CanIgnoreReturnValue</code></a> annotations for static analysis  (<a href="https://redirect.github.com/ben-manes/caffeine/issues/868">#868</a>)</p>
   <h2>3.1.3</h2>
   <p>Cache</p>
   <ul>
   <li>Fixed the build time dependency constraints from being leaked into the external metadata (<a href="https://redirect.github.com/ben-manes/caffeine/issues/867">#867</a>)</li>
   <li>Fixed the cause of a removal notification for a discarded refresh when the entry was removed</li>
   <li>Fixed the behavior for null lookups into returned unmodifiable maps to be consistent (<a href="https://redirect.github.com/ben-manes/caffeine/issues/864">#864</a>)</li>
   <li>Fixed an unexpected delay of removal notifications when using a scheduler (<a href="https://redirect.github.com/ben-manes/caffeine/issues/859">#859</a>)</li>
   <li>Fixed explicit refreshes from being deduped if the entry is pending eviction</li>
   <li>Defaulted methods to <a href="https://errorprone.info/bugpattern/CheckReturnValue"><code>@CheckReturnValue</code></a> for static analysis (<a href="https://redirect.github.com/ben-manes/caffeine/issues/863">#863</a>)</li>
   <li>Reduced the lock hold time during Map.clear (<a href="https://redirect.github.com/ben-manes/caffeine/issues/835">#835</a>)</li>
   </ul>
   <p>JCache</p>
   <ul>
   <li>Fixed <code>putAll</code> with an immutable map that causes an exception when using a cache writer (<a href="https://redirect.github.com/ben-manes/caffeine/issues/841">#841</a>)</li>
   </ul>
   <h2>3.1.2</h2>
   <p>Cache</p>
   <ul>
   <li>Added detection for when a key's equality has changed and corrupted the underlying map (<a href="https://redirect.github.com/apache/solr/pull/1118">SOLR-16489</a>)</li>
   <li>Improved the frequency sketch by better utilizing the cpu cache line to reduce memory accesses</li>
   <li>Fixed <code>computeIfAbsent</code> when replacing a collected weak/soft value and the custom expiry fails</li>
   <li>Improved refresh conflict detection to avoid unnecessarily discarding after a reload</li>
   <li>Improved eviction when the weight is oversized (<a href="https://redirect.github.com/ben-manes/caffeine/issues/745">#745</a>)</li>
   </ul>
   <p>Guava</p>
   <ul>
   <li>Added an adapter from Guava's CacheLoader to Caffeine's (<a href="https://redirect.github.com/ben-manes/caffeine/issues/766">#766</a>)</li>
   </ul>
   <p>JCache</p>
   <ul>
   <li>Fixed <code>Cache.getConfiguration()</code> to return an immutable instance</li>
   </ul>
   <h2>3.1.1</h2>
   <ul>
   <li>Fixed <code>refreshAfterWrite</code> when racing with a removed entry (<a href="https://redirect.github.com/ben-manes/caffeine/issues/715">#715</a>)</li>
   <li>Fixed gradle module metadata variant selection (<a href="https://redirect.github.com/ben-manes/caffeine/issues/716">#716</a>)</li>
   </ul>
   <h2>3.1.0</h2>
   <!-- raw HTML omitted -->
   </blockquote>
   <p>... (truncated)</p>
   </details>
   <details>
   <summary>Commits</summary>
   <ul>
   <li><a href="https://github.com/ben-manes/caffeine/commit/0ef0f31618d20ebeded74a3cd7161c4bf3070238"><code>0ef0f31</code></a> refine assertion for broken equality log message (<a href="https://redirect.github.com/ben-manes/caffeine/issues/900">#900</a>)</li>
   <li><a href="https://github.com/ben-manes/caffeine/commit/1eb57acfc7ae9bed04d6f43061dd3246956aaea2"><code>1eb57ac</code></a> Fix log message when detecting a broken key equality (fixes <a href="https://redirect.github.com/ben-manes/caffeine/issues/900">#900</a>)</li>
   <li><a href="https://github.com/ben-manes/caffeine/commit/00f58622af2c68d86102b7488a5cfa02c65e5461"><code>00f5862</code></a> Bump step-security/harden-runner from 2.2.1 to 2.3.0 (<a href="https://redirect.github.com/ben-manes/caffeine/issues/899">#899</a>)</li>
   <li><a href="https://github.com/ben-manes/caffeine/commit/2a8e0f5421514821ecc8e19dd337e90b4e5b8490"><code>2a8e0f5</code></a> update example project dependencies</li>
   <li><a href="https://github.com/ben-manes/caffeine/commit/4e54c961488ba73a456d88ecfc771b180a32e7ab"><code>4e54c96</code></a> upgrade errorprone support (static analyzer)</li>
   <li><a href="https://github.com/ben-manes/caffeine/commit/0fa18dd8d8eae85f572410dea1f0d90e2498ec9b"><code>0fa18dd</code></a> Bump ossf/scorecard-action from 2.1.2 to 2.1.3 (<a href="https://redirect.github.com/ben-manes/caffeine/issues/896">#896</a>)</li>
   <li><a href="https://github.com/ben-manes/caffeine/commit/c1d33f03265b4e762b0ea6b69f12d72943898010"><code>c1d33f0</code></a> upgrade forbiddenApis (static analyzer)</li>
   <li><a href="https://github.com/ben-manes/caffeine/commit/17490f8fc2686cd6b52c28fd0c4cd60a37eff58a"><code>17490f8</code></a> Bump com.gradle.enterprise from 3.12.4 to 3.12.6 (<a href="https://redirect.github.com/ben-manes/caffeine/issues/894">#894</a>)</li>
   <li><a href="https://github.com/ben-manes/caffeine/commit/513c753cd6ec36e79f9a5ab63cbdbd053d37c431"><code>513c753</code></a> use JDK 20 and 21-EA as the build targets</li>
   <li><a href="https://github.com/ben-manes/caffeine/commit/588eae6114c084c88e1330e5a7ede19e5278cb5d"><code>588eae6</code></a> Upgrade to pmd 7.0-rc1 (static analyzer)</li>
   <li>Additional commits viewable in <a href="https://github.com/ben-manes/caffeine/compare/v2.9.3...v3.1.6">compare view</a></li>
   </ul>
   </details>
   <br />
   
   
   [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.github.ben-manes.caffeine:caffeine&package-manager=maven&previous-version=2.9.3&new-version=3.1.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   <details>
   <summary>Dependabot commands and options</summary>
   <br />
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
   
   
   </details>


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org

[GitHub] [directory-server] dependabot[bot] commented on pull request #70: Bump caffeine from 2.9.3 to 3.1.6

Posted by "dependabot[bot] (via GitHub)" <gi...@apache.org>.

dependabot[bot] commented on PR #70:
URL: https://github.com/apache/directory-server/pull/70#issuecomment-1517323561

   OK, I won't notify you about version 3.x.x again, unless you re-open this PR. 😢


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org

[GitHub] [directory-server] dependabot[bot] closed pull request #70: Bump caffeine from 2.9.3 to 3.1.6

Posted by "dependabot[bot] (via GitHub)" <gi...@apache.org>.

dependabot[bot] closed pull request #70: Bump caffeine from 2.9.3 to 3.1.6
URL: https://github.com/apache/directory-server/pull/70


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org

[GitHub] [directory-server] coheigea commented on pull request #70: Bump caffeine from 2.9.3 to 3.1.6

Posted by "coheigea (via GitHub)" <gi...@apache.org>.

coheigea commented on PR #70:
URL: https://github.com/apache/directory-server/pull/70#issuecomment-1517323527

   @dependabot ignore this major version


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org