chore(deps): Bump the all group across 1 directory with 39 updates #23587

dependabot · 2025-10-27T19:09:39Z

Bumps the all group with 39 updates in the /java directory:

Package	From	To
org.apache.logging.log4j:log4j-api	`2.25.1`	`2.25.2`
org.apache.logging.log4j:log4j-slf4j2-impl	`2.25.1`	`2.25.2`
org.apache.logging.log4j:log4j-core	`2.25.1`	`2.25.2`
org.apache.commons:commons-lang3	`3.18.0`	`3.19.0`
com.fasterxml.jackson.core:jackson-databind	`2.19.2`	`2.20.0`
com.fasterxml.jackson.core:jackson-core	`2.19.2`	`2.20.0`
org.postgresql:postgresql	`42.7.7`	`42.7.8`
com.mysql:mysql-connector-j	`9.4.0`	`9.5.0`
io.grpc:grpc-netty-shaded	`1.75.0`	`1.76.0`
io.grpc:grpc-protobuf	`1.75.0`	`1.76.0`
io.grpc:grpc-stub	`1.75.0`	`1.76.0`
org.assertj:assertj-core	`3.27.4`	`3.27.6`
com.google.code.gson:gson	`2.13.1`	`2.13.2`
com.google.guava:guava	`33.4.8-jre`	`33.5.0-jre`
software.amazon.awssdk:s3	`2.32.19`	`2.36.2`
software.amazon.awssdk:sts	`2.32.19`	`2.36.2`
software.amazon.awssdk:apache-client	`2.32.19`	`2.36.2`
software.amazon.awssdk:glue	`2.32.19`	`2.36.2`
org.eclipse.jetty:jetty-client	`12.0.24`	`12.1.3`
org.eclipse.jetty:jetty-util	`12.0.24`	`12.1.3`
org.eclipse.jetty:jetty-http	`12.0.24`	`12.1.3`
org.apache.maven.plugins:maven-surefire-plugin	`3.5.3`	`3.5.4`
org.apache.maven.plugins:maven-javadoc-plugin	`3.11.2`	`3.12.0`
org.apache.iceberg:iceberg-core	`1.9.2`	`1.10.0`
org.apache.iceberg:iceberg-api	`1.9.2`	`1.10.0`
org.apache.iceberg:iceberg-bundled-guava	`1.9.2`	`1.10.0`
org.apache.iceberg:iceberg-hive-metastore	`1.9.2`	`1.10.0`
org.apache.iceberg:iceberg-aws	`1.9.2`	`1.10.0`
org.apache.iceberg:iceberg-gcp	`1.9.2`	`1.10.0`
org.apache.hadoop:hadoop-common	`3.4.1`	`3.4.2`
org.apache.hadoop:hadoop-mapreduce-client-core	`3.4.1`	`3.4.2`
org.apache.hadoop:hadoop-mapreduce-client-common	`3.4.1`	`3.4.2`
org.apache.hadoop:hadoop-mapreduce-client-jobclient	`3.4.1`	`3.4.2`
org.apache.hadoop:hadoop-aws	`3.4.1`	`3.4.2`
org.apache.iceberg:iceberg-snowflake	`1.9.2`	`1.10.0`
org.apache.cassandra:java-driver-core	`4.19.0`	`4.19.1`
com.amazon.redshift:redshift-jdbc42	`2.1.0.33`	`2.2.0`
net.snowflake:snowflake-jdbc	`3.23.0`	`3.27.0`
com.zaxxer:HikariCP	`6.3.2`	`6.3.3`

Updates org.apache.logging.log4j:log4j-api from 2.25.1 to 2.25.2

Updates org.apache.logging.log4j:log4j-slf4j2-impl from 2.25.1 to 2.25.2

Updates org.apache.logging.log4j:log4j-core from 2.25.1 to 2.25.2

Updates org.apache.logging.log4j:log4j-slf4j2-impl from 2.25.1 to 2.25.2

Updates org.apache.logging.log4j:log4j-core from 2.25.1 to 2.25.2

Updates org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0

Updates com.fasterxml.jackson.core:jackson-databind from 2.19.2 to 2.20.0

Commits

See full diff in compare view

Updates com.fasterxml.jackson.core:jackson-core from 2.19.2 to 2.20.0

Commits

ea0830a [maven-release-plugin] prepare release jackson-core-2.20.0
e16733a Prep for 2.20.0
93deb38 Drop RC from version pre-2.20.0 release
f0bcc3c Handle deprecation warnings
6e70d08 Fix #1462: deprecate JsonFactory.createParser(URL) (#1464)
588cc76 Post release version bump
018f9e1 [maven-release-plugin] prepare for next development iteration
360e498 [maven-release-plugin] prepare release jackson-core-2.20.0-rc1
538ac44 Prep for 2.20.0-rc1
dfbf47b Merge branch '2.19' into 2.x
Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-core from 2.19.2 to 2.20.0

Commits

ea0830a [maven-release-plugin] prepare release jackson-core-2.20.0
e16733a Prep for 2.20.0
93deb38 Drop RC from version pre-2.20.0 release
f0bcc3c Handle deprecation warnings
6e70d08 Fix #1462: deprecate JsonFactory.createParser(URL) (#1464)
588cc76 Post release version bump
018f9e1 [maven-release-plugin] prepare for next development iteration
360e498 [maven-release-plugin] prepare release jackson-core-2.20.0-rc1
538ac44 Prep for 2.20.0-rc1
dfbf47b Merge branch '2.19' into 2.x
Additional commits viewable in compare view

Updates org.postgresql:postgresql from 42.7.7 to 42.7.8

Release notes

Sourced from org.postgresql:postgresql's releases.

v42.7.8

Notable changes:

Releases are signed with a new PGP key which is generated at GitHub Actions and stored only there @vlsi (#3701)

Changes

fix: Update release plugin config to use .set(...) for props and inject nexus secrets via props @sehrope (#3802)

update version to 42.7.8 @davecramer (#3801)

change logs for version 42.7.8 @davecramer (#3797)

Fix getNotifications() documentation @pdewacht (#3800)

fix(deps): update dependency om.ongres.scram:scram-client to 3.2 @jorsol (#3799)

Add configurable boolean-to-numeric conversion for ResultSet getters @vwassan (#3796)

Update CONTRIBUTING.md @davecramer (#3794)

perf: remove QUERY_ONESHOT flag when calling getMetaData @ShenFeng312 (#3783)

test: add bench for batch insert via unnest with arrays @lantalex (#3782)

fix: Change "PST" timezone in TimestampTest to "Pacific Standard Time" @simon-greatrix (#3774)

Use BufferedInputStream with FileInputStream @jgardn3r (#3750)

Fix #3747: Incorrect class comparison in PGXmlFactoryFactory validation @eitch (#3748)

fix: traverse the current dimension to get the correct pos in PgArray#calcRemainingDataLength @sly461 (#3746)

test: add channelBinding to SslTest @vlsi (#3665)

fix: remove excessive ReentrantLock.lock usages @vlsi (#3703)

test: add ossf-scorecard security scanning @vlsi (#3695)

fix indentation to let CI pass @mohitsatr (#3682)

test: extract pgjdbc/testFixtures to testkit project @vlsi (#3666)

fix: make sure getImportedExportedKeys returns columns in consistent order @vlsi (#3663)

feat: use PreparedStatement for DatabaseMetaData.getCrossReference, getImportedKeys, getExportedKeys @vlsi (#3641)

Add "SELF_REFERENCING_COL_NAME" field to getTables' ResultSetMetaData to fix NullPointerException @SophiahHo (#3660)

🐛 Bug Fixes

fix: avoid IllegalStateException: Timer already cancelled when StatementCancelTimerTask.run throws a runtime error @vlsi (#3778)

fix: avoid NullPointerException when cancelling a query if cancel key is not known yet @vlsi (#3780)

fix: unable to open replication connection to servers < 12 @vlsi (#3678)

🧰 Maintenance

chore: fix published project name @vlsi (#3809)

chore: update publish to Central Portal task name after bumping nmcp @vlsi (#3808)

fix(deps): update com.gradleup.nmcp to 1.1.0 @vlsi (#3807)

Revert "fix: Update release plugin config to use .set(...) for props and inject nexus creds via gradle props" @vlsi (#3803)

chore: group com.gradleup.nmcp version updates @vlsi (#3805)

chore: use bump org.apache.bcel:bcel test dependency in testCompileClasspath as well @vlsi (#3775)

Fix typo in PGReplicationStream.java @atorik (#3758)

chore: remove JDK versions from the key workflow names @vlsi (#3759)

chore: add GitHub Actions workflow for generating release PGP key @vlsi (#3701)

chore: replace StandardCharsets with Charsets to simplify code @vlsi (#3751)

chore: migrate publish workflow to Central Portal publishing via com.gradleup.nmcp @vlsi (#3686)

chore: adjust the default branch name for ossf scorecard scan @vlsi (#3697)

chore: add top-level read-only permissions for GitHub Actions when missing @vlsi (#3696)

chore: use config:best-practices preset for Renovate @vlsi (#3687)

... (truncated)

Changelog

Sourced from org.postgresql:postgresql's changelog.

[42.7.8] (2025-09-18)

Added

feat: Add configurable boolean-to-numeric conversion for ResultSet getters [PR #3796](pgjdbc/pgjdbc#3796)

Changed

perf: remove QUERY_ONESHOT flag when calling getMetaData [PR #3783](pgjdbc/pgjdbc#3783)

perf: use BufferedInputStream with FileInputStream [PR #3750](pgjdbc/pgjdbc#3750)

perf: enable server-prepared statements for DatabaseMetaData

Fixed

fix: avoid NullPointerException when cancelling a query if cancel key is not known yet

fix: Change "PST" timezone in TimestampTest to "Pacific Standard Time" [PR #3774](pgjdbc/pgjdbc#3774)

fix: traverse the current dimension to get the correct pos in PgArray#calcRemainingDataLength [PR #3746](pgjdbc/pgjdbc#3746)

fix: make sure getImportedExportedKeys returns columns in consistent order

fix: Add "SELF_REFERENCING_COL_NAME" field to getTables' ResultSetMetaData to fix NullPointerException [PR #3660](pgjdbc/pgjdbc#3660)

fix: unable to open replication connection to servers < 12

fix: avoid closing statement caused by driver's internal ResultSet#close()

fix: return empty metadata for empty catalog names as it was before

fix: Incorrect class comparison in PGXmlFactoryFactory validation

Commits

9a5492d chore: fix published project name
ca064f8 chore: update publish to Central Portal task name after bumping nmcp
3d97bb8 fix: avoid IllegalStateException: Timer already cancelled when StatementCanc...
faa7dfc test: move BaseTest4 to testkit module
dbf2847 fix(deps): update com.gradleup.nmcp to 1.1.0
9245e26 Revert "fix: Update release plugin config to use .set(...) for props and inje...
8e833c3 chore: group com.gradleup.nmcp version updates
ec5a088 fix: Update release plugin config to use .set(...) for props and inject nexus...
c03db58 update version to 42.7.8 (#3801)
50ff169 change logs for version 42.7.8 (#3797)
Additional commits viewable in compare view

Updates com.mysql:mysql-connector-j from 9.4.0 to 9.5.0

Changelog

Sourced from com.mysql:mysql-connector-j's changelog.

Changelog

https://dev.mysql.com/doc/relnotes/connector-j/en/

Version 9.5.0

Fix for Bug#72036 (Bug#18403804), XA isSameRM() shouldn't take database into account.

Fix for Bug#62693 (Bug#16722068), XAConnection savepoint capability.

Fix for Bug#81128 (Bug#23146631), Master host list overwritten by slave list when loadBalanceConnectionGroup used.

Fix for Bug#19887224, RUNNING THE TEST SUITE WITH SOCKSPROXY* PROPERTIES HANGS IN TEST TESTBUG56429.

Fix for Bug#98699 (Bug#30932850), Allow empty keyStore file for keyStoreTypes that do not require files. Thanks to Kolbe Kegel for his contribution.

Fix for Bug#118938 (Bug#38396227), DatabaseMetaDataInformationSchema#getSchemas has a bug.

Fix for Bug#99292 (Bug#31195955), Contribution: Support Windows time zone 'Coordinated Universal Time'. Thanks to Frédéric Barrière for his contribution.

Fix for Bug#107094 (Bug#34104230), NullPointerException when calling equals with null on MultiHostConnectionProxy.

Fix for Bug#107543 (Bug#34464351), Cannot execute a SELECT statement that writes to an OUTFILE.

Fix for Bug#17881458, BEHAVIOR OF SETBINARYSTREAM() METHOD IS DIFFERENT WHEN USESERVERPREPSTMTS=TRUE.

Fix for Bug#45554 (Bug#11754018), Connector/J does not encode binary data if useServerPrepStatements=false.

Fix for Bug#114974 (Bug#36614381), the SQL in batch will not clear after statement close. Thanks to Chengyi Dong for his contribution.

Fix for Bug#118688 (Bug#38222681), com.mysql.cj.protocol.a.StringValueEncoder#getString does not handle string escaping. Thanks to Feng Shen for his contribution.

Fix for Bug#118329 (Bug#38022329), Contribution: Optimize BigDecimal zero value handling to reduce memory footprint. Thanks to Chengjun Huang for his contribution.

Fix for Bug#42777 (Bug#11751788), loadBalanceStrategy and roundRobinLoadBalance should be consolidated.

Fix for Bug#112090 (Bug#35716608), SHOW ENGINE command runs forever when using cursor fetch.

Version 9.4.0

Fix for Bug#116120 (Bug#37079448), Inappropriate charset selected for connection when jdk.charsets not included.

Fix for Bug#98620 (Bug#31503893), Using DatabaseMetaData.getColumns() gives collation mix error.

Fix for Bug#118389 (Bug#38044940), OCI ephemeral keys not working after change in OCI CLI.

... (truncated)

Commits

a7b3c94 Update for GPL license book.
a17a256 Fix for StatementRegressionTest.testBug107543_IntoFile() failing when
0d642f5 Fix for Bug#72036 (Bug#18403804), XA isSameRM() shouldn't take database into ...
cdb5880 Fix for Bug#62693 (Bug#16722068), XAConnection savepoint capability.
2ce8cb2 Fix for Bug#81128 (Bug#23146631), Master host list overwritten by slave list ...
f889dec Fix for Bug#19887224, RUNNING THE TEST SUITE WITH SOCKSPROXY* PROPERTIES HANG...
b62afb2 Fix for Bug#98699 (Bug#30932850), Allow empty keyStore file for keyStoreTypes...
1470742 Fix for typo.
af1348a Update build instructions to use protoc for consistency; perform minor cleanups.
29a877b Fix for Bug#118938 (Bug#38396227), DatabaseMetaDataInformationSchema#getSchem...
Additional commits viewable in compare view

Updates io.grpc:grpc-netty-shaded from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-netty-shaded's releases.

v1.76.0

Bug Fixes

xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.

compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.

servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.

servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.

binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.

binder: The server will now only accept post-setup transactions from the authorized server UID.

util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”

android: A fix has been implemented for network change handling on API levels below 24.

Improvements

api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.

api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.

servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name

servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first

xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs

bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.

bazel: Unnecessary direct build dependencies were removed from some targets

netty: Support for the BCJSSE provider has been added in GrpcSslContexts.

netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers

netty: Include allow header for HTTP response code 405

okhttp: Include allow header for HTTP response code 405

binder: Error descriptions for ServiceConnection callbacks have been improved

binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.

compiler: Support for macOS aarch64 with a universal binary has been added.

opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support

binder: A NameResolver for Android's intent: URIs has been introduced.

binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.

examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

Upgraded Guava version to 33.4.8.

The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt @Sangamesh1997

... (truncated)

Commits

d0db129 Bump version to 1.76.0
aa672ca Update README etc to reference 1.76.0
70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
f89d1d8 api: remove nullable from StatusOr value methods (#12338)
040665f examples: Explain Bazel BCR releases and git_override option
4995700 xds: Remove verify TODO for onResult2 error status
afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
1a7042a android: fix network change handling on API levels < 24
8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
Additional commits viewable in compare view

Updates io.grpc:grpc-protobuf from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-protobuf's releases.

v1.76.0

Bug Fixes

xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.

compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.

servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.

servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.

binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.

binder: The server will now only accept post-setup transactions from the authorized server UID.

util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”

android: A fix has been implemented for network change handling on API levels below 24.

Improvements

api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.

api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.

servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name

servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first

xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs

bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.

bazel: Unnecessary direct build dependencies were removed from some targets

netty: Support for the BCJSSE provider has been added in GrpcSslContexts.

netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers

netty: Include allow header for HTTP response code 405

okhttp: Include allow header for HTTP response code 405

binder: Error descriptions for ServiceConnection callbacks have been improved

binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.

compiler: Support for macOS aarch64 with a universal binary has been added.

opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support

binder: A NameResolver for Android's intent: URIs has been introduced.

binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.

examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

Upgraded Guava version to 33.4.8.

The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt @Sangamesh1997

... (truncated)

Commits

d0db129 Bump version to 1.76.0
aa672ca Update README etc to reference 1.76.0
70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
f89d1d8 api: remove nullable from StatusOr value methods (#12338)
040665f examples: Explain Bazel BCR releases and git_override option
4995700 xds: Remove verify TODO for onResult2 error status
afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
1a7042a android: fix network change handling on API levels < 24
8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
Additional commits viewable in compare view

Updates io.grpc:grpc-stub from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-stub's releases.

v1.76.0

Bug Fixes

xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.

compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.

servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.

servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.

binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.

binder: The server will now only accept post-setup transactions from the authorized server UID.

util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”

android: A fix has been implemented for network change handling on API levels below 24.

Improvements

api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.

api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.

servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name

servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first

xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs

bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.

bazel: Unnecessary direct build dependencies were removed from some targets

netty: Support for the BCJSSE provider has been added in GrpcSslContexts.

netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers

netty: Include allow header for HTTP response code 405

okhttp: Include allow header for HTTP response code 405

binder: Error descriptions for ServiceConnection callbacks have been improved

binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.

compiler: Support for macOS aarch64 with a universal binary has been added.

opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support

binder: A NameResolver for Android's intent: URIs has been introduced.

binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.

examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

Upgraded Guava version to 33.4.8.

The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt @Sangamesh1997

... (truncated)

Commits

d0db129 Bump version to 1.76.0
aa672ca Update README etc to reference 1.76.0
70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
f89d1d8 api: remove nullable from StatusOr value methods (#12338)
040665f examples: Explain Bazel BCR releases and git_override option
4995700 xds: Remove verify TODO for onResult2 error status
afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
1a7042a android: fix network change handling on API levels < 24
8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
Additional commits viewable in compare view

Updates io.grpc:grpc-protobuf from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-protobuf's releases.

v1.76.0

Bug Fixes

xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.

compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.

servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.

servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.

binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.

binder: The server will now only accept post-setup transactions from the authorized server UID.

util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”

android: A fix has been implemented for network change handling on API levels below 24.

Improvements

api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.

api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.

servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name

servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first

xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs

bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.

bazel: Unnecessary direct build dependencies were removed from some targets

netty: Support for the BCJSSE provider has been added in GrpcSslContexts.

netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers

netty: Include allow header for HTTP response code 405

okhttp: Include allow header for HTTP response code 405

binder: Error descriptions for ServiceConnection callbacks have been improved

binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.

compiler: Support for macOS aarch64 with a universal binary has been added.

opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support

binder: A NameResolver for Android's intent: URIs has been introduced.

binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.

examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

Upgraded Guava version to 33.4.8.

The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt @Sangamesh1997

... (truncated)

Commits

d0db129 Bump version to 1.76.0
aa672ca Update README etc to reference 1.76.0
70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
f89d1d8 api: remove nullable from StatusOr value methods (#12338)
040665f examples: Explain Bazel BCR releases and git_override option
4995700 xds: Remove verify TODO for onResult2 error status
afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
1a7042a android: fix network change handling on API levels < 24
8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
Additional commits viewable in compare view

Updates io.grpc:grpc-stub from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-stub's releases.

v1.76.0

Bug Fixes

xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.

compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.

servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.

servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.

binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.

binder: The server will now only accept post-setup transactions from the authorized server UID.

util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”

android: A fix has been implemented for network change handling on API levels below 24.

Improvements

api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.

api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.

servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name

servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first

xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs

bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.

bazel: Unnecessary direct build dependencies were removed from some targets

netty: Support for the BCJSSE provider has been added in GrpcSslContexts.

netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers

netty: Include allow header for HTTP response code 405

okhttp: Include allow header for HTTP response code 405

binder: Error descriptions for ServiceConnection callbacks have been improved

binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.

compiler: Support for macOS aarch64 with a universal binary has been added.

opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support

binder: A NameResolver for Android's intent: URIs has been introduced.

binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.

examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

Upgraded Guava version to 33.4.8.

The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt @Sangamesh1997

... (truncated)

Commits

d0db129 Bump version to 1.76.0
aa672ca Update README etc to reference 1.76.0
70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
f89d1d8 api: remove nullable from StatusOr value methods (#12338)
040665f examples: Explain Bazel BCR releases and git_override option
4995700 xds: Remove verify TODO for onResult2 error status
afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
1a7042a android: fix network change handling on API levels < 24
8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.27.4 to 3.27.6

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.6

🐛 Bug Fixes

Core

Add missing export for org.assertj.core.annotation #3951

❤️ Contributors

Thanks to all the contributors who worked on this release:

@duponter

v3.27.5

⚡ Improvements

Core

ByteBuddy in AssertJ 3.27.4 not compatible with Java 25 #3946

🔨 Dependency Upgrades

Core

Upgrade to Byte Buddy 1.17.7 #3947

Upgrade to JUnit BOM 5.13.4 #3947

Guava

Upgrade to Guava 33.4.8-jre #3947

Commits

716b1e0 [maven-release-plugin] prepare release assertj-build-3.27.6
e189652 Add missing export for org.assertj.core.annotation (#3951)
0cb489e Update Maven Central URL
7286309 [maven-release-plugin] prepare for next development iteration
dd4cc1d [maven-release-plugin] prepare release assertj-build-3.27.5
1d0defc Add missing permission to release workflow
844d5d0 Add missing GitHub Actions pinning to CodeQL workflow
bdd7106 Add CodeQL custom workflow
a93d7e6 Remove EOL Java 24
26ea866 Update production dependencies (#3947)
Additional commits viewable in compare view

Updates com.google.code.gson:gson from 2.13.1 to 2.13.2

Release notes

Sourced from

Bumps the all group with 39 updates in the /java directory: | Package | From | To | | --- | --- | --- | | org.apache.logging.log4j:log4j-api | `2.25.1` | `2.25.2` | | org.apache.logging.log4j:log4j-slf4j2-impl | `2.25.1` | `2.25.2` | | org.apache.logging.log4j:log4j-core | `2.25.1` | `2.25.2` | | org.apache.commons:commons-lang3 | `3.18.0` | `3.19.0` | | [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.19.2` | `2.20.0` | | [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core) | `2.19.2` | `2.20.0` | | [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) | `42.7.7` | `42.7.8` | | [com.mysql:mysql-connector-j](https://github.com/mysql/mysql-connector-j) | `9.4.0` | `9.5.0` | | [io.grpc:grpc-netty-shaded](https://github.com/grpc/grpc-java) | `1.75.0` | `1.76.0` | | [io.grpc:grpc-protobuf](https://github.com/grpc/grpc-java) | `1.75.0` | `1.76.0` | | [io.grpc:grpc-stub](https://github.com/grpc/grpc-java) | `1.75.0` | `1.76.0` | | [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.27.4` | `3.27.6` | | [com.google.code.gson:gson](https://github.com/google/gson) | `2.13.1` | `2.13.2` | | [com.google.guava:guava](https://github.com/google/guava) | `33.4.8-jre` | `33.5.0-jre` | | software.amazon.awssdk:s3 | `2.32.19` | `2.36.2` | | software.amazon.awssdk:sts | `2.32.19` | `2.36.2` | | software.amazon.awssdk:apache-client | `2.32.19` | `2.36.2` | | software.amazon.awssdk:glue | `2.32.19` | `2.36.2` | | org.eclipse.jetty:jetty-client | `12.0.24` | `12.1.3` | | org.eclipse.jetty:jetty-util | `12.0.24` | `12.1.3` | | org.eclipse.jetty:jetty-http | `12.0.24` | `12.1.3` | | [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.4` | | [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) | `3.11.2` | `3.12.0` | | [org.apache.iceberg:iceberg-core](https://github.com/apache/iceberg) | `1.9.2` | `1.10.0` | | [org.apache.iceberg:iceberg-api](https://github.com/apache/iceberg) | `1.9.2` | `1.10.0` | | [org.apache.iceberg:iceberg-bundled-guava](https://github.com/apache/iceberg) | `1.9.2` | `1.10.0` | | [org.apache.iceberg:iceberg-hive-metastore](https://github.com/apache/iceberg) | `1.9.2` | `1.10.0` | | [org.apache.iceberg:iceberg-aws](https://github.com/apache/iceberg) | `1.9.2` | `1.10.0` | | [org.apache.iceberg:iceberg-gcp](https://github.com/apache/iceberg) | `1.9.2` | `1.10.0` | | org.apache.hadoop:hadoop-common | `3.4.1` | `3.4.2` | | org.apache.hadoop:hadoop-mapreduce-client-core | `3.4.1` | `3.4.2` | | org.apache.hadoop:hadoop-mapreduce-client-common | `3.4.1` | `3.4.2` | | org.apache.hadoop:hadoop-mapreduce-client-jobclient | `3.4.1` | `3.4.2` | | org.apache.hadoop:hadoop-aws | `3.4.1` | `3.4.2` | | [org.apache.iceberg:iceberg-snowflake](https://github.com/apache/iceberg) | `1.9.2` | `1.10.0` | | [org.apache.cassandra:java-driver-core](https://github.com/datastax/java-driver) | `4.19.0` | `4.19.1` | | [com.amazon.redshift:redshift-jdbc42](https://github.com/aws/amazon-redshift-jdbc-driver) | `2.1.0.33` | `2.2.0` | | [net.snowflake:snowflake-jdbc](https://github.com/snowflakedb/snowflake-jdbc) | `3.23.0` | `3.27.0` | | [com.zaxxer:HikariCP](https://github.com/brettwooldridge/HikariCP) | `6.3.2` | `6.3.3` | Updates `org.apache.logging.log4j:log4j-api` from 2.25.1 to 2.25.2 Updates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.25.1 to 2.25.2 Updates `org.apache.logging.log4j:log4j-core` from 2.25.1 to 2.25.2 Updates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.25.1 to 2.25.2 Updates `org.apache.logging.log4j:log4j-core` from 2.25.1 to 2.25.2 Updates `org.apache.commons:commons-lang3` from 3.18.0 to 3.19.0 Updates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.20.0 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.core:jackson-core` from 2.19.2 to 2.20.0 - [Commits](FasterXML/jackson-core@jackson-core-2.19.2...jackson-core-2.20.0) Updates `com.fasterxml.jackson.core:jackson-core` from 2.19.2 to 2.20.0 - [Commits](FasterXML/jackson-core@jackson-core-2.19.2...jackson-core-2.20.0) Updates `org.postgresql:postgresql` from 42.7.7 to 42.7.8 - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](pgjdbc/pgjdbc@REL42.7.7...REL42.7.8) Updates `com.mysql:mysql-connector-j` from 9.4.0 to 9.5.0 - [Changelog](https://github.com/mysql/mysql-connector-j/blob/release/9.x/CHANGES) - [Commits](mysql/mysql-connector-j@9.4.0...9.5.0) Updates `io.grpc:grpc-netty-shaded` from 1.75.0 to 1.76.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](grpc/grpc-java@v1.75.0...v1.76.0) Updates `io.grpc:grpc-protobuf` from 1.75.0 to 1.76.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](grpc/grpc-java@v1.75.0...v1.76.0) Updates `io.grpc:grpc-stub` from 1.75.0 to 1.76.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](grpc/grpc-java@v1.75.0...v1.76.0) Updates `io.grpc:grpc-protobuf` from 1.75.0 to 1.76.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](grpc/grpc-java@v1.75.0...v1.76.0) Updates `io.grpc:grpc-stub` from 1.75.0 to 1.76.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](grpc/grpc-java@v1.75.0...v1.76.0) Updates `org.assertj:assertj-core` from 3.27.4 to 3.27.6 - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](assertj/assertj@assertj-build-3.27.4...assertj-build-3.27.6) Updates `com.google.code.gson:gson` from 2.13.1 to 2.13.2 - [Release notes](https://github.com/google/gson/releases) - [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md) - [Commits](google/gson@gson-parent-2.13.1...gson-parent-2.13.2) Updates `com.google.guava:guava` from 33.4.8-jre to 33.5.0-jre - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) Updates `software.amazon.awssdk:s3` from 2.32.19 to 2.36.2 Updates `software.amazon.awssdk:sts` from 2.32.19 to 2.36.2 Updates `software.amazon.awssdk:apache-client` from 2.32.19 to 2.36.2 Updates `software.amazon.awssdk:glue` from 2.32.19 to 2.36.2 Updates `software.amazon.awssdk:sts` from 2.32.19 to 2.36.2 Updates `software.amazon.awssdk:apache-client` from 2.32.19 to 2.36.2 Updates `software.amazon.awssdk:glue` from 2.32.19 to 2.36.2 Updates `org.eclipse.jetty:jetty-client` from 12.0.24 to 12.1.3 Updates `org.eclipse.jetty:jetty-util` from 12.0.24 to 12.1.3 Updates `org.eclipse.jetty:jetty-http` from 12.0.24 to 12.1.3 Updates `org.eclipse.jetty:jetty-util` from 12.0.24 to 12.1.3 Updates `org.eclipse.jetty:jetty-http` from 12.0.24 to 12.1.3 Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.3 to 3.5.4 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.4) Updates `org.apache.maven.plugins:maven-javadoc-plugin` from 3.11.2 to 3.12.0 - [Release notes](https://github.com/apache/maven-javadoc-plugin/releases) - [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.11.2...maven-javadoc-plugin-3.12.0) Updates `org.apache.iceberg:iceberg-core` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/apache/iceberg/releases) - [Commits](apache/iceberg@apache-iceberg-1.9.2...apache-iceberg-1.10.0) Updates `org.apache.iceberg:iceberg-api` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/apache/iceberg/releases) - [Commits](apache/iceberg@apache-iceberg-1.9.2...apache-iceberg-1.10.0) Updates `org.apache.iceberg:iceberg-bundled-guava` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/apache/iceberg/releases) - [Commits](apache/iceberg@apache-iceberg-1.9.2...apache-iceberg-1.10.0) Updates `org.apache.iceberg:iceberg-hive-metastore` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/apache/iceberg/releases) - [Commits](apache/iceberg@apache-iceberg-1.9.2...apache-iceberg-1.10.0) Updates `org.apache.iceberg:iceberg-aws` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/apache/iceberg/releases) - [Commits](apache/iceberg@apache-iceberg-1.9.2...apache-iceberg-1.10.0) Updates `org.apache.iceberg:iceberg-gcp` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/apache/iceberg/releases) - [Commits](apache/iceberg@apache-iceberg-1.9.2...apache-iceberg-1.10.0) Updates `org.apache.iceberg:iceberg-api` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/apache/iceberg/releases) - [Commits](apache/iceberg@apache-iceberg-1.9.2...apache-iceberg-1.10.0) Updates `org.apache.iceberg:iceberg-bundled-guava` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/apache/iceberg/releases) - [Commits](apache/iceberg@apache-iceberg-1.9.2...apache-iceberg-1.10.0) Updates `org.apache.iceberg:iceberg-hive-metastore` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/apache/iceberg/releases) - [Commits](apache/iceberg@apache-iceberg-1.9.2...apache-iceberg-1.10.0) Updates `org.apache.hadoop:hadoop-common` from 3.4.1 to 3.4.2 Updates `org.apache.hadoop:hadoop-mapreduce-client-core` from 3.4.1 to 3.4.2 Updates `org.apache.hadoop:hadoop-mapreduce-client-common` from 3.4.1 to 3.4.2 Updates `org.apache.hadoop:hadoop-mapreduce-client-jobclient` from 3.4.1 to 3.4.2 Updates `org.apache.hadoop:hadoop-aws` from 3.4.1 to 3.4.2 Updates `org.apache.hadoop:hadoop-mapreduce-client-core` from 3.4.1 to 3.4.2 Updates `org.apache.hadoop:hadoop-mapreduce-client-common` from 3.4.1 to 3.4.2 Updates `org.apache.hadoop:hadoop-mapreduce-client-jobclient` from 3.4.1 to 3.4.2 Updates `org.apache.iceberg:iceberg-aws` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/apache/iceberg/releases) - [Commits](apache/iceberg@apache-iceberg-1.9.2...apache-iceberg-1.10.0) Updates `org.apache.iceberg:iceberg-gcp` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/apache/iceberg/releases) - [Commits](apache/iceberg@apache-iceberg-1.9.2...apache-iceberg-1.10.0) Updates `org.apache.iceberg:iceberg-snowflake` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/apache/iceberg/releases) - [Commits](apache/iceberg@apache-iceberg-1.9.2...apache-iceberg-1.10.0) Updates `org.apache.cassandra:java-driver-core` from 4.19.0 to 4.19.1 - [Release notes](https://github.com/datastax/java-driver/releases) - [Commits](apache/cassandra-java-driver@4.19.0...4.19.1) Updates `com.amazon.redshift:redshift-jdbc42` from 2.1.0.33 to 2.2.0 - [Release notes](https://github.com/aws/amazon-redshift-jdbc-driver/releases) - [Changelog](https://github.com/aws/amazon-redshift-jdbc-driver/blob/master/CHANGELOG.md) - [Commits](aws/amazon-redshift-jdbc-driver@v2.1.0.33...v2.2.0) Updates `net.snowflake:snowflake-jdbc` from 3.23.0 to 3.27.0 - [Release notes](https://github.com/snowflakedb/snowflake-jdbc/releases) - [Changelog](https://github.com/snowflakedb/snowflake-jdbc/blob/master/CHANGELOG.md) - [Commits](snowflakedb/snowflake-jdbc@v3.23.0...v3.27.0) Updates `com.zaxxer:HikariCP` from 6.3.2 to 6.3.3 - [Changelog](https://github.com/brettwooldridge/HikariCP/blob/dev/CHANGES) - [Commits](brettwooldridge/HikariCP@HikariCP-6.3.2...HikariCP-6.3.3) Updates `org.apache.hadoop:hadoop-aws` from 3.4.1 to 3.4.2 --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-api dependency-version: 2.25.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl dependency-version: 2.25.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.logging.log4j:log4j-core dependency-version: 2.25.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl dependency-version: 2.25.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.logging.log4j:log4j-core dependency-version: 2.25.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.commons:commons-lang3 dependency-version: 3.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-version: 2.20.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: all - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-version: 2.20.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: all - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-version: 2.20.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: all - dependency-name: org.postgresql:postgresql dependency-version: 42.7.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: com.mysql:mysql-connector-j dependency-version: 9.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: io.grpc:grpc-netty-shaded dependency-version: 1.76.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: io.grpc:grpc-protobuf dependency-version: 1.76.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: io.grpc:grpc-stub dependency-version: 1.76.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: io.grpc:grpc-protobuf dependency-version: 1.76.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: io.grpc:grpc-stub dependency-version: 1.76.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.assertj:assertj-core dependency-version: 3.27.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: com.google.code.gson:gson dependency-version: 2.13.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: com.google.guava:guava dependency-version: 33.5.0-jre dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: software.amazon.awssdk:s3 dependency-version: 2.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: software.amazon.awssdk:sts dependency-version: 2.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: software.amazon.awssdk:apache-client dependency-version: 2.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: software.amazon.awssdk:glue dependency-version: 2.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: software.amazon.awssdk:sts dependency-version: 2.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: software.amazon.awssdk:apache-client dependency-version: 2.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: software.amazon.awssdk:glue dependency-version: 2.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.eclipse.jetty:jetty-client dependency-version: 12.1.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.eclipse.jetty:jetty-util dependency-version: 12.1.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.eclipse.jetty:jetty-http dependency-version: 12.1.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.eclipse.jetty:jetty-util dependency-version: 12.1.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.eclipse.jetty:jetty-http dependency-version: 12.1.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-version: 3.5.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.maven.plugins:maven-javadoc-plugin dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.iceberg:iceberg-core dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.iceberg:iceberg-api dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.iceberg:iceberg-bundled-guava dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.iceberg:iceberg-hive-metastore dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.iceberg:iceberg-aws dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.iceberg:iceberg-gcp dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.iceberg:iceberg-api dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.iceberg:iceberg-bundled-guava dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.iceberg:iceberg-hive-metastore dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.hadoop:hadoop-common dependency-version: 3.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.hadoop:hadoop-mapreduce-client-core dependency-version: 3.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.hadoop:hadoop-mapreduce-client-common dependency-version: 3.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.hadoop:hadoop-mapreduce-client-jobclient dependency-version: 3.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.hadoop:hadoop-aws dependency-version: 3.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.hadoop:hadoop-mapreduce-client-core dependency-version: 3.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.hadoop:hadoop-mapreduce-client-common dependency-version: 3.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.hadoop:hadoop-mapreduce-client-jobclient dependency-version: 3.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.iceberg:iceberg-aws dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.iceberg:iceberg-gcp dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.iceberg:iceberg-snowflake dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: org.apache.cassandra:java-driver-core dependency-version: 4.19.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: com.amazon.redshift:redshift-jdbc42 dependency-version: 2.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: net.snowflake:snowflake-jdbc dependency-version: 3.27.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: com.zaxxer:HikariCP dependency-version: 6.3.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: all - dependency-name: org.apache.hadoop:hadoop-aws dependency-version: 3.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 27, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

chore(deps): Bump the all group across 1 directory with 39 updates #23587

chore(deps): Bump the all group across 1 directory with 39 updates #23587

dependabot bot commented on behalf of github Oct 27, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

chore(deps): Bump the all group across 1 directory with 39 updates #23587

Are you sure you want to change the base?

chore(deps): Bump the all group across 1 directory with 39 updates #23587

Conversation

dependabot bot commented on behalf of github Oct 27, 2025

v42.7.8

Notable changes:

Changes

🐛 Bug Fixes

🧰 Maintenance

[42.7.8] (2025-09-18)

Added

Changed

Fixed

Changelog

https://dev.mysql.com/doc/relnotes/connector-j/en/

v1.76.0

Bug Fixes

Improvements

New Features

Documentation

Dependencies

Thanks to

v1.76.0

Bug Fixes

Improvements

New Features

Documentation

Dependencies

Thanks to

v1.76.0

Bug Fixes

Improvements

New Features

Documentation

Dependencies

Thanks to

v1.76.0

Bug Fixes

Improvements

New Features

Documentation

Dependencies

Thanks to

v1.76.0

Bug Fixes

Improvements

New Features

Documentation

Dependencies

Thanks to

v3.27.6

🐛 Bug Fixes

Core

❤️ Contributors

v3.27.5

⚡ Improvements

Core

🔨 Dependency Upgrades

Core

Guava

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant