search

TreyM-WSS / concord

Concord - workflow orchestration and continuous deployment management
https://concord.walmartlabs.com
Other
0 stars 1 forks source link

Update dependency com.google.code.gson:gson to v2.8.9 #241

Open mend-for-github-com[bot] opened 1 year ago

mend-for-github-com[bot] commented 1 year ago

This PR contains the following updates:

Package Type Update Change
com.google.code.gson:gson compile patch 2.8.6 -> 2.8.9

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE GitHub Issue
High 7.7 WS-2021-0419 #120
High 7.5 CVE-2022-25647 #240

Release Notes

google/gson (com.google.code.gson:gson) ### [`v2.8.9`](https://togithub.com/google/gson/blob/HEAD/CHANGELOG.md#Version-289) - Make OSGi bundle's dependency on `sun.misc` optional ([https://github.com/google/gson/pull/1993](https://togithub.com/google/gson/pull/1993)). - Deprecate `Gson.excluder()` exposing internal `Excluder` class ([https://github.com/google/gson/pull/1986](https://togithub.com/google/gson/pull/1986)). - Prevent Java deserialization of internal classes ([https://github.com/google/gson/pull/1991](https://togithub.com/google/gson/pull/1991)). - Improve number strategy implementation ([https://github.com/google/gson/pull/1987](https://togithub.com/google/gson/pull/1987)). - Fix LongSerializationPolicy null handling being inconsistent with Gson ([https://github.com/google/gson/pull/1990](https://togithub.com/google/gson/pull/1990)). - Support arbitrary Number implementation for Object and Number deserialization ([https://github.com/google/gson/pull/1290](https://togithub.com/google/gson/pull/1290)). - Bump proguard-maven-plugin from 2.4.0 to 2.5.1 ([https://github.com/google/gson/pull/1980](https://togithub.com/google/gson/pull/1980)). - Don't exclude static local classes ([https://github.com/google/gson/pull/1969](https://togithub.com/google/gson/pull/1969)). - Fix `RuntimeTypeAdapterFactory` depending on internal `Streams` class ([https://github.com/google/gson/pull/1959](https://togithub.com/google/gson/pull/1959)). - Improve Maven build ([https://github.com/google/gson/pull/1964](https://togithub.com/google/gson/pull/1964)). - Make dependency on `java.sql` optional ([https://github.com/google/gson/pull/1707](https://togithub.com/google/gson/pull/1707)). ### [`v2.8.8`](https://togithub.com/google/gson/blob/HEAD/CHANGELOG.md#Version-288) - Fixed issue with recursive types ([https://github.com/google/gson/issues/1390](https://togithub.com/google/gson/issues/1390)). - Better behaviour with Java 9+ and `Unsafe` if there is a security manager ([https://github.com/google/gson/pull/1712](https://togithub.com/google/gson/pull/1712)). - `EnumTypeAdapter` now works better when ProGuard has obfuscated enum fields ([https://github.com/google/gson/pull/1495](https://togithub.com/google/gson/pull/1495)). ### [`v2.8.7`](https://togithub.com/google/gson/blob/HEAD/CHANGELOG.md#Version-287) - Fixed `ISO8601UtilsTest` failing on systems with UTC+X. - Improved javadoc for `JsonStreamParser`. - Updated proguard.cfg ([https://github.com/google/gson/pull/1693](https://togithub.com/google/gson/pull/1693)). - Fixed `IllegalStateException` in `JsonTreeWriter` ([https://github.com/google/gson/issues/1592](https://togithub.com/google/gson/issues/1592)). - Added `JsonArray.isEmpty()` ([https://github.com/google/gson/pull/1640](https://togithub.com/google/gson/pull/1640)). - Added new test cases ([https://github.com/google/gson/pull/1638](https://togithub.com/google/gson/pull/1638)). - Fixed OSGi metadata generation to work on JavaSE < 9 ([https://github.com/google/gson/pull/1603](https://togithub.com/google/gson/pull/1603)).