wgzhao / Addax

Addax is a versatile open-source ETL tool that can seamlessly transfer data between various RDBMS and NoSQL databases, making it an ideal solution for data migration.
https://wgzhao.github.io/Addax/
Apache License 2.0
1.2k stars 304 forks source link

Bump org.tukaani:xz from 1.9 to 1.10 #1077

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Bumps org.tukaani:xz from 1.9 to 1.10.

Changelog

Sourced from org.tukaani:xz's changelog.

1.10 (2024-07-29)

  • Licensing change: From version 1.10 onwards, XZ for Java is under the BSD Zero Clause License (0BSD). 1.9 and older are in the public domain and obviously remain so; the change only affects the new releases.

    0BSD is an extremely permissive license which doesn't require retaining or reproducing copyright or license notices when distributing the code, thus in practice there is extremely little difference to public domain.

  • Mark copyright and license information in the source package so that it is compliant to the REUSE Specification version 3.2.

  • Improve LZMAInputStream.enableRelaxedEndCondition():

    • Error detection is slightly better.

    • The input position will always be at the end of the stream after successful decompression.

  • Support .lzma files that have both a known uncompressed size and the end marker. Such files are uncommon but valid. The same issue was fixed in XZ Utils 5.2.6 in 2022.

  • Add ARM64 and RISC-V BCJ filters.

  • Speed optimizations:

    • Delta filter
    • LZMA/LZMA2 decoder
    • LZMA/LZMA2 encoder (partially Java >= 9 only)
    • CRC64 (Java >= 9 only)
  • Changes that affect API/ABI compatibility:

    • Change XZOutputStream constructors to not call the method public void updateFilters(FilterOptions[] filterOptions).

    • In SeekableXZInputStream, change the method public void seekToBlock(int blockNumber) to not call the method public long getBlockPos(int blockNumber).

    • Make the filter options classes final:

      • ARM64Options
      • ARMOptions
      • ARMThumbOptions
      • DeltaOptions

... (truncated)

Commits
  • 0f5ee02 Bump the version number to 1.10
  • 4cd5a8b Update NEWS.md for 1.10
  • 21edbdf README.md: Add a section about reproducible builds
  • 372dc48 README.md: Use a subheading for old build environments
  • 5ec1e8e build.xml: Add Build-Jdk-Spec to MANIFEST.MF
  • 2103742 build.xml: Make MANIFEST.MF friendlier to reproducible builds
  • d18a12a build.xml: Use <macrodef> to make JARs of the demo programs
  • 39b7371 build.xml: Add SOURCE_DATE_EPOCH support
  • 5689e64 build.xml: Change the "pom" target to use unversioned filename
  • 7f4ccd6 Simplify building with OpenJDK 8
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)