search

Legoman99573 / GravesX

A fork of Graves by ranull. Source also forked from JSmethers.
https://www.spigotmc.org/resources/gravesx.118271/
GNU General Public License v3.0
3 stars 1 forks source link

Bump com.mysql:mysql-connector-j from 9.0.0 to 9.1.0 #52

Closed dependabot[bot] closed 3 weeks ago

dependabot[bot] commented 3 weeks ago

Bumps com.mysql:mysql-connector-j from 9.0.0 to 9.1.0.

Changelog

Sourced from com.mysql:mysql-connector-j's changelog.

Changelog

https://dev.mysql.com/doc/relnotes/connector-j/en/

Version 9.1.0

  • Fix for Bug#116114 (Bug#37067812), Connector/J is writing incorrect values when passed negative dates.

  • Fix for Bug#96623 (Bug#30221117), batch update with rewriteBatchedStatements&useServerPrepStmts send fail request.

  • Fix for Bug#114705 (Bug#36539680), Contribution: make trustStorePassword be null if this.trustStoreSettings.keyStorePassword is null. Thanks to Jesper Blomquist for his contribution.

  • Fix for Bug#84117 (Bug#25247468), includeThreadNamesAsStatementComment ignored when using prepared statement. Thanks to Yyjun Yyjun for his contribution.

  • Fix for Bug#101054 (Bug#32544786), Batched Query > maxAllowedPacket size causes an ArrayIndexOutOfBoundsException.

  • Fix for Bug#108415 (Bug#34579258), NullPointerException in AbstractQuery::stopQueryTimer. Thanks to Anthony Milbourne for his contribution.

  • Fix for Bug#115265 (Bug#36843227), Second stored procedure call with cacheCallableStmts might fail.

  • Fix for Bug#36936407, PrepareCall method doesn't work as expected when DB name is involved.

  • WL#16490, OpenID Connect authentication support.

  • Fix for Bug#112790 (Bug#35936477), Statement.getGeneratedKeys() returns unexpected value.

  • Fix for Bug#113509 (Bug#36154975), closeOnCompletion cause no statement reuse and server memory leak.

  • Fix for Bug#109418 (Bug#36043556), batch insert threw an unexpected exception.

  • Fix for Bug#114410 (Bug#36434816), Code performance issue.

  • Fix for Bug#110586 (Bug#35254470), got unexpected result when the data type was set to ZEROFILL.

Version 9.0.0

  • WL#16391, Upgrade 3rd party libraries and tools.

  • Fix for Bug#114800 (Bug#36576596), Wrong code by an old patch.

  • Fix for Bug#114846 (Bug#36574322), Auto-closeable X dev session. Thanks to Daniel Kec for his contribution.

  • Fix for Bug#114989 (Bug#36612566), Setting null value in setClientInfo throws an NPE.

  • WL#16376, Set 'caching_sha2_password' as default fallback authentication plugin.

  • WL#16342, Update MySQL error codes mapping.

... (truncated)

Commits
  • cf2917e Update for CONTRIBUTING and README files, and new file SECURITY.md.
  • cc462a6 WL#16490, OpenID Connect authentication support - documentation review.
  • f545ee7 Update for GPL license book.
  • 9af2df7 Fix for Bug#116114 (Bug#37067812), Connector/J is writing incorrect values wh...
  • 03dedd7 Fix for Bug#96623 (Bug#30221117), batch update with rewriteBatchedStatements&...
  • 5530fb9 Fix for Bug#114705 (Bug#36539680), Contribution: make trustStorePassword be n...
  • c3c536a Fix for Bug#84117 (Bug#25247468), includeThreadNamesAsStatementComment ignore...
  • 288db53 Fix for Bug#101054 (Bug#32544786), Batched Query > maxAllowedPacket size caus...
  • 1b317cf Fix for Bug#108415 (Bug#34579258), NullPointerException in AbstractQuery::sto...
  • 5a27bc4 Fix for Bug#115265 (Bug#36843227), Second stored procedure call with cacheCal...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
github-actions[bot] commented 3 weeks ago

Dependency Review

The following issues were found:

See the Details below.

License Issues

pom.xml

PackageVersionLicenseIssue Type
com.mysql:mysql-connector-j9.1.0NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
maven/com.mysql:mysql-connector-j 9.1.0 :green_circle: 3.7
Details
CheckScoreReason
Code-Review:warning: 0Found 0/30 approved changesets -- score normalized to 0
Maintained:warning: 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:warning: -1no workflows found
Token-Permissions:warning: -1No tokens found
SAST:warning: 0no SAST tool detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Branch-Protection:warning: 0branch protection not enabled on development/release branches
Signed-Releases:warning: -1no releases found
Security-Policy:warning: 0security policy file not detected
Pinned-Dependencies:warning: -1no dependencies found
Fuzzing:green_circle: 10project is fuzzed
Vulnerabilities:green_circle: 91 existing vulnerabilities detected

Scanned Manifest Files

pom.xml
  • com.mysql:mysql-connector-j@9.1.0
  • com.mysql:mysql-connector-j@9.0.0
dependabot[bot] commented 3 weeks ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.