Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump org.tukaani:xz from 1.9 to 1.10 #108

Merged
merged 1 commit into from
Jul 30, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 29, 2024

Bumps org.tukaani:xz from 1.9 to 1.10.

Changelog

Sourced from org.tukaani:xz's changelog.

1.10 (2024-07-29)

  • Licensing change: From version 1.10 onwards, XZ for Java is under the BSD Zero Clause License (0BSD). 1.9 and older are in the public domain and obviously remain so; the change only affects the new releases.

    0BSD is an extremely permissive license which doesn't require retaining or reproducing copyright or license notices when distributing the code, thus in practice there is extremely little difference to public domain.

  • Mark copyright and license information in the source package so that it is compliant to the REUSE Specification version 3.2.

  • Improve LZMAInputStream.enableRelaxedEndCondition():

    • Error detection is slightly better.

    • The input position will always be at the end of the stream after successful decompression.

  • Support .lzma files that have both a known uncompressed size and the end marker. Such files are uncommon but valid. The same issue was fixed in XZ Utils 5.2.6 in 2022.

  • Add ARM64 and RISC-V BCJ filters.

  • Speed optimizations:

    • Delta filter
    • LZMA/LZMA2 decoder
    • LZMA/LZMA2 encoder (partially Java >= 9 only)
    • CRC64 (Java >= 9 only)
  • Changes that affect API/ABI compatibility:

    • Change XZOutputStream constructors to not call the method public void updateFilters(FilterOptions[] filterOptions).

    • In SeekableXZInputStream, change the method public void seekToBlock(int blockNumber) to not call the method public long getBlockPos(int blockNumber).

    • Make the filter options classes final:

      • ARM64Options
      • ARMOptions
      • ARMThumbOptions
      • DeltaOptions

... (truncated)

Commits
  • 0f5ee02 Bump the version number to 1.10
  • 4cd5a8b Update NEWS.md for 1.10
  • 21edbdf README.md: Add a section about reproducible builds
  • 372dc48 README.md: Use a subheading for old build environments
  • 5ec1e8e build.xml: Add Build-Jdk-Spec to MANIFEST.MF
  • 2103742 build.xml: Make MANIFEST.MF friendlier to reproducible builds
  • d18a12a build.xml: Use <macrodef> to make JARs of the demo programs
  • 39b7371 build.xml: Add SOURCE_DATE_EPOCH support
  • 5689e64 build.xml: Change the "pom" target to use unversioned filename
  • 7f4ccd6 Simplify building with OpenJDK 8
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [org.tukaani:xz](https://github.com/tukaani-project/xz-java) from 1.9 to 1.10.
- [Release notes](https://github.com/tukaani-project/xz-java/releases)
- [Changelog](https://github.com/tukaani-project/xz-java/blob/master/NEWS.md)
- [Commits](tukaani-project/xz-java@v1.9...v1.10)

---
updated-dependencies:
- dependency-name: org.tukaani:xz
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 29, 2024
@CloneWith CloneWith merged commit 51bb488 into main Jul 30, 2024
4 checks passed
@dependabot dependabot bot deleted the dependabot/maven/org.tukaani-xz-1.10 branch July 30, 2024 11:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code size/XS
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant