Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump org.tukaani:xz from 1.9 to 1.10 #663

Closed
wants to merge 1 commit into from
Closed

Bump org.tukaani:xz from 1.9 to 1.10 #663

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jul 30, 2024

Bumps org.tukaani:xz from 1.9 to 1.10.

Changelog

Sourced from org.tukaani:xz's changelog.

1.10 (2024-07-29)

  • Licensing change: From version 1.10 onwards, XZ for Java is under the BSD Zero Clause License (0BSD). 1.9 and older are in the public domain and obviously remain so; the change only affects the new releases.

    0BSD is an extremely permissive license which doesn't require retaining or reproducing copyright or license notices when distributing the code, thus in practice there is extremely little difference to public domain.

  • Mark copyright and license information in the source package so that it is compliant to the REUSE Specification version 3.2.

  • Improve LZMAInputStream.enableRelaxedEndCondition():

    • Error detection is slightly better.

    • The input position will always be at the end of the stream after successful decompression.

  • Support .lzma files that have both a known uncompressed size and the end marker. Such files are uncommon but valid. The same issue was fixed in XZ Utils 5.2.6 in 2022.

  • Add ARM64 and RISC-V BCJ filters.

  • Speed optimizations:

    • Delta filter
    • LZMA/LZMA2 decoder
    • LZMA/LZMA2 encoder (partially Java >= 9 only)
    • CRC64 (Java >= 9 only)

  • Changes that affect API/ABI compatibility:

    • Change XZOutputStream constructors to not call the method public void updateFilters(FilterOptions[] filterOptions).

    • In SeekableXZInputStream, change the method public void seekToBlock(int blockNumber) to not call the method public long getBlockPos(int blockNumber).

    • Make the filter options classes final:

      • ARM64Options
      • ARMOptions
      • ARMThumbOptions
      • DeltaOptions

... (truncated)

Commits
  • 0f5ee02 Bump the version number to 1.10
  • 4cd5a8b Update NEWS.md for 1.10
  • 21edbdf README.md: Add a section about reproducible builds
  • 372dc48 README.md: Use a subheading for old build environments
  • 5ec1e8e build.xml: Add Build-Jdk-Spec to MANIFEST.MF
  • 2103742 build.xml: Make MANIFEST.MF friendlier to reproducible builds
  • d18a12a build.xml: Use <macrodef> to make JARs of the demo programs
  • 39b7371 build.xml: Add SOURCE_DATE_EPOCH support
  • 5689e64 build.xml: Change the "pom" target to use unversioned filename
  • 7f4ccd6 Simplify building with OpenJDK 8
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump org.tukaani:xz from 1.9 to 1.10
7ef280a 
Bumps [org.tukaani:xz](https://github.com/tukaani-project/xz-java) from 1.9 to 1.10.
- [Release notes](https://github.com/tukaani-project/xz-java/releases)
- [Changelog](https://github.com/tukaani-project/xz-java/blob/master/NEWS.md)
- [Commits](tukaani-project/xz-java@v1.9...v1.10)

---
updated-dependencies:
- dependency-name: org.tukaani:xz
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 30, 2024
@asfgit asfgit closed this Jul 30, 2024
@asfgit asfgit deleted the dependabot/gradle/org.tukaani-xz-1.10 branch July 30, 2024 14:48
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Jul 30, 2024

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@asfgit