search

flipkart-incubator / zjsonpatch

This is an implementation of RFC 6902 JSON Patch written in Java
Apache License 2.0
523 stars 148 forks source link

Bump jackson.version from 2.12.1 to 2.14.0 #155

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps jackson.version from 2.12.1 to 2.14.0. Updates jackson-databind from 2.12.1 to 2.14.0

Commits


Updates jackson-core from 2.12.1 to 2.14.0

Commits
  • 97ca01b [maven-release-plugin] prepare release jackson-core-2.14.0
  • ea15e31 Prepare for 2.14.0
  • 0d48020 Fix #834 (rare buffer condition for number-parsing, found by oss-fuzz project)
  • 2e2cff0 back to snapshot deps
  • 37c7c4f [maven-release-plugin] prepare for next development iteration
  • 597e823 [maven-release-plugin] prepare release jackson-core-2.14.0-rc3
  • f993069 ...
  • 5c1e559 Prepare for 2.14.0-rc3
  • 5a6215a Tiny upgrade to Github/CI
  • a1e1b8a Bump actions/upload-artifact from 1 to 3 (#831)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
aludvik commented 1 year ago

Is it possible to merge this and cut a new release? I'd like to use this project, but I can't introduce any new vulnerabilities into our ecosystem. Thanks!

vishwakarma commented 1 year ago

Hi @aludvik I will release the new version by tomorrow.

vishwakarma commented 1 year ago

Hi @aludvik Released the new version (0.4.13), i hope it will be available in maven repo soon.