Bump tinkerpop.version from 3.7.2 to 3.7.3

[dependabot[bot]]

Bumps tinkerpop.version from 3.7.2 to 3.7.3. Updates org.apache.tinkerpop:gremlin-core from 3.7.2 to 3.7.3

Changelog

Sourced from org.apache.tinkerpop:gremlin-core's changelog.

=== TinkerPop 3.7.3 (October 23, 2024)

This release also includes changes from .

• Refactored mutation events registration by moving reusable code from relevant steps to EventUtil
• Opened NoOpBarrierStep for extensibility (removed final keyword).
• Deprecated public constructor for SeedStrategy in favor of builder pattern to be consistent with other strategies.
• Allowed specification of a customized Spark app name.
• Added getter method to CoinStep for its probability field.
• Prevented decimal values from being parsed by asDate().
• Prevented specification of Cardinality to option() when not used in conjunction with mergeV().
• Exposed a mechanism for providers to customize the assertion of error messages in feature tests.
• Attempted to detect JDK version for Gremlin Console to avoid problems with Java 17 if neo4j-gremlin is used.
• Fixed so that TrimGlobalStep and TrimLocalStep have the same character control handling as Ltrim and Rtrim
• Fixed a bug in MaxLocalStep, MinLocalStep, MeanLocalStep and SumLocalStep that it throws NoSuchElementException when encounters an empty iterator as input.
• Fixed cases where Map keys of incomparable types could panic in gremlin-go.
• Fixed an issue where missing necessary parameters for logging, resulting in '%!x(MISSING)' output in gremlin-go.
• Added getter method to ConcatStep, ConjoinStep, SplitGlobalStep and SplitLocalStep for their private fields.
• Fixed older driver GraphBinary compatibility problems where using ReferenceElementStrategy, properties on elements returned as null instead of empty List.
• Gremlin Server docker containers shutdown gracefully when receiving a SIGTERM.
• Added 'userProvidedLabel' property to detect if the default label was supplied explicitly or not.
• Added DefaultIdManager.STRING for proper string id creation/handling.
• Allowed specification of an Operator as a reducer in withSideEffect when parsing with the grammar.
• Fixed bug in Bytecode build logic where duplicate strategies were added instead of replacing the existing ones.
• Bump Groovy to 4.0.23

==== Bugs

• TINKERPOP-3035 Add explicit property(IDictionary) for .NET
• TINKERPOP-3050 security vulnerability in logback-core
• TINKERPOP-3051 security vulnerability in logback-classic
• TINKERPOP-3052 security vulnerability in ivy
• TINKERPOP-3053 security vulnerability in netty-codec-http2
• TINKERPOP-3076 Incorrect handling of large requests in Go GLV
• TINKERPOP-3077 Javascript translator incorrectly handle quotes, null and undefined values
• TINKERPOP-3079 The test TraversalStrategiesTest#shouldAllowUserManipulationOfGlobalCache is not idempotent, as it passes in the first run and fails in repeated runs in the same environment.
• TINKERPOP-3081 When using authentication, evaluationTimeout is ignored
• TINKERPOP-3089 min() and max() local forms not working properly with empty iterator input
• TINKERPOP-3090 trim() steps not handling unicode characters properly
• TINKERPOP-3093 optimization of readmap function
• TINKERPOP-3105 Running 3.6.x python-driver with 3.7.x server leads to deserialization errors
• TINKERPOP-3110 Incorrect Bytecode when multiple options are used in traversal
• TINKERPOP-3116 async_timeout not declared in gremlinpython dependencies

==== Improvements

• TINKERPOP-2700 WebSocket compression may lead to attacks (CRIME / BREACH)
• TINKERPOP-3041 Consistent construction of SeedStrategy
• TINKERPOP-3080 AggregateStep can support all Operators predefined in TinkerPop
• TINKERPOP-3082 Tinkerpop hardcoded the Spark AppName

... (truncated)

Commits

• 077e3eb TinkerPop 3.7.3 release
• a7012c6 CTR docs fixes
• 18d60c4 Merge branch '3.6-dev' into 3.7-dev
• 71053f3 TinkerPop 3.6.8 release
• be8eb02 Merge branch '3.6-dev' into 3.7-dev
• 8518f75 fix(gremlinpython): add async_timeout to runtime deps (#2844)
• 43958dc CTR Update NOTICE
• 0c34840 Prevented asDate from working on decimal numbers. CTR
• 52f36f5 Merge branch '3.6-dev' into 3.7-dev
• 2d6814a fix flaky tests in ParametersTest (#2820)
• Additional commits viewable in compare view

Updates org.apache.tinkerpop:gremlin-test from 3.7.2 to 3.7.3

Changelog

Sourced from org.apache.tinkerpop:gremlin-test's changelog.

=== TinkerPop 3.7.3 (October 23, 2024)

This release also includes changes from .

• Refactored mutation events registration by moving reusable code from relevant steps to EventUtil
• Opened NoOpBarrierStep for extensibility (removed final keyword).
• Deprecated public constructor for SeedStrategy in favor of builder pattern to be consistent with other strategies.
• Allowed specification of a customized Spark app name.
• Added getter method to CoinStep for its probability field.
• Prevented decimal values from being parsed by asDate().
• Prevented specification of Cardinality to option() when not used in conjunction with mergeV().
• Exposed a mechanism for providers to customize the assertion of error messages in feature tests.
• Attempted to detect JDK version for Gremlin Console to avoid problems with Java 17 if neo4j-gremlin is used.
• Fixed so that TrimGlobalStep and TrimLocalStep have the same character control handling as Ltrim and Rtrim
• Fixed a bug in MaxLocalStep, MinLocalStep, MeanLocalStep and SumLocalStep that it throws NoSuchElementException when encounters an empty iterator as input.
• Fixed cases where Map keys of incomparable types could panic in gremlin-go.
• Fixed an issue where missing necessary parameters for logging, resulting in '%!x(MISSING)' output in gremlin-go.
• Added getter method to ConcatStep, ConjoinStep, SplitGlobalStep and SplitLocalStep for their private fields.
• Fixed older driver GraphBinary compatibility problems where using ReferenceElementStrategy, properties on elements returned as null instead of empty List.
• Gremlin Server docker containers shutdown gracefully when receiving a SIGTERM.
• Added 'userProvidedLabel' property to detect if the default label was supplied explicitly or not.
• Added DefaultIdManager.STRING for proper string id creation/handling.
• Allowed specification of an Operator as a reducer in withSideEffect when parsing with the grammar.
• Fixed bug in Bytecode build logic where duplicate strategies were added instead of replacing the existing ones.
• Bump Groovy to 4.0.23

==== Bugs

• TINKERPOP-3035 Add explicit property(IDictionary) for .NET
• TINKERPOP-3050 security vulnerability in logback-core
• TINKERPOP-3051 security vulnerability in logback-classic
• TINKERPOP-3052 security vulnerability in ivy
• TINKERPOP-3053 security vulnerability in netty-codec-http2
• TINKERPOP-3076 Incorrect handling of large requests in Go GLV
• TINKERPOP-3077 Javascript translator incorrectly handle quotes, null and undefined values
• TINKERPOP-3079 The test TraversalStrategiesTest#shouldAllowUserManipulationOfGlobalCache is not idempotent, as it passes in the first run and fails in repeated runs in the same environment.
• TINKERPOP-3081 When using authentication, evaluationTimeout is ignored
• TINKERPOP-3089 min() and max() local forms not working properly with empty iterator input
• TINKERPOP-3090 trim() steps not handling unicode characters properly
• TINKERPOP-3093 optimization of readmap function
• TINKERPOP-3105 Running 3.6.x python-driver with 3.7.x server leads to deserialization errors
• TINKERPOP-3110 Incorrect Bytecode when multiple options are used in traversal
• TINKERPOP-3116 async_timeout not declared in gremlinpython dependencies

==== Improvements

• TINKERPOP-2700 WebSocket compression may lead to attacks (CRIME / BREACH)
• TINKERPOP-3041 Consistent construction of SeedStrategy
• TINKERPOP-3080 AggregateStep can support all Operators predefined in TinkerPop
• TINKERPOP-3082 Tinkerpop hardcoded the Spark AppName

... (truncated)

Commits

• 077e3eb TinkerPop 3.7.3 release
• a7012c6 CTR docs fixes
• 18d60c4 Merge branch '3.6-dev' into 3.7-dev
• 71053f3 TinkerPop 3.6.8 release
• be8eb02 Merge branch '3.6-dev' into 3.7-dev
• 8518f75 fix(gremlinpython): add async_timeout to runtime deps (#2844)
• 43958dc CTR Update NOTICE
• 0c34840 Prevented asDate from working on decimal numbers. CTR
• 52f36f5 Merge branch '3.6-dev' into 3.7-dev
• 2d6814a fix flaky tests in ParametersTest (#2820)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)