chore(deps): bump gson from 2.8.6 to 2.8.9

[dependabot[bot]]

Bumps gson from 2.8.6 to 2.8.9.

Release notes

Sourced from gson's releases.

Gson 2.8.9

• Make OSGi bundle's dependency on sun.misc optional (#1993).
• Deprecate Gson.excluder() exposing internal Excluder class (#1986).
• Prevent Java deserialization of internal classes (#1991).
• Improve number strategy implementation (#1987).
• Fix LongSerializationPolicy null handling being inconsistent with Gson (#1990).
• Support arbitrary Number implementation for Object and Number deserialization (#1290).
• Bump proguard-maven-plugin from 2.4.0 to 2.5.1 (#1980).
• Don't exclude static local classes (#1969).
• Fix RuntimeTypeAdapterFactory depending on internal Streams class (#1959).
• Improve Maven build (#1964).
• Make dependency on java.sql optional (#1707).

Gson 2.8.8

• Fixed issue with recursive types (#1390).
• Better behaviour with Java 9+ and Unsafe if there is a security manager (#1712).
• EnumTypeAdapter now works better when ProGuard has obfuscated enum fields (#1495).

Changelog

Sourced from gson's changelog.

Version 2.8.9

• Make OSGi bundle's dependency on sun.misc optional (google/gson#1993).
• Deprecate Gson.excluder() exposing internal Excluder class (google/gson#1986).
• Prevent Java deserialization of internal classes (google/gson#1991).
• Improve number strategy implementation (google/gson#1987).
• Fix LongSerializationPolicy null handling being inconsistent with Gson (google/gson#1990).
• Support arbitrary Number implementation for Object and Number deserialization (google/gson#1290).
• Bump proguard-maven-plugin from 2.4.0 to 2.5.1 (google/gson#1980).
• Don't exclude static local classes (google/gson#1969).
• Fix RuntimeTypeAdapterFactory depending on internal Streams class (google/gson#1959).
• Improve Maven build (google/gson#1964).
• Make dependency on java.sql optional (google/gson#1707).

Version 2.8.8

• Fixed issue with recursive types (google/gson#1390).
• Better behaviour with Java 9+ and Unsafe if there is a security manager (google/gson#1712).
• EnumTypeAdapter now works better when ProGuard has obfuscated enum fields (google/gson#1495).

Version 2.8.7

• Fixed ISO8601UtilsTest failing on systems with UTC+X.
• Improved javadoc for JsonStreamParser.
• Updated proguard.cfg (google/gson#1693).
• Fixed IllegalStateException in JsonTreeWriter (google/gson#1592).
• Added JsonArray.isEmpty() (google/gson#1640).
• Added new test cases (google/gson#1638).
• Fixed OSGi metadata generation to work on JavaSE < 9 (google/gson#1603).

Commits

• 6a368d8 [maven-release-plugin] prepare release gson-parent-2.8.9
• ba96d53 Fix missing bounds checks for JsonTreeReader.getPath() (#2001)
• ca1df7f #1981: Optional OSGi bundle's dependency on sun.misc package (#1993)
• c54caf3 Deprecate Gson.excluder() exposing internal Excluder class (#1986)
• e6fae59 Prevent Java deserialization of internal classes (#1991)
• bda2e3d Improve number strategy implementation (#1987)
• cd748df Fix LongSerializationPolicy null handling being inconsistent with Gson (#1990)
• fe30b85 Support arbitrary Number implementation for Object and Number deserialization...
• 1cc1627 Fix incorrect feature request template label (#1982)
• 7b9a283 Bump bnd-maven-plugin from 5.3.0 to 6.0.0 (#1985)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ibi-group/datatools-server/network/alerts).

> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.