Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump com.zaxxer:HikariCP from 6.0.0 to 6.2.0 in /prime-router #16573

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 17, 2024

Bumps com.zaxxer:HikariCP from 6.0.0 to 6.2.0.

Changelog

Sourced from com.zaxxer:HikariCP's changelog.

HikariCP Changes

Changes in 6.2.0

  • merged #2238 handle SQLTimeoutException without eviction. Users looking to preserve previous behavior should provide an implementation of com.zaxxer.hikari.SQLExceptionOverride to the pool configuration.

  • added new enum value, Override.MUST_EVICT, available to implementations of com.zaxxer.hikari.SQLExceptionOverride

  • enhanced debug logging in circumstances where the pool falls to zero size and new coonections to the database continue to fail.

  • update test dependencies that were flagged as having vulnerabilities

Changes in 6.1.0

  • fixed #1960 allow SQLExceptionOverride to adjudicate all exceptions for eviction

  • merged #1962 dropwizard 5 metrics are now supported via the setMetricRegistry() method in HikariConfig and in HikariDataSource

  • merged #2244 improve JavassistProxyFactory

  • merged #2243 fix inconsistency between isWrapperFor and unwrap

  • merged #1827 support loading properties file in unnamed resources module

  • merged #1842 don't clear isCommitStateDirty flag in setReadOnly

  • change default maxLifetime variance from 2.5% to 25% to further avoid mass connection die-off dips

Changes in 6.0.0

  • fixed #2152 duplicate connection in try with resources clause caused close() being called twice on each connection

  • merged #2226 consistent handling of errorCode and sqlState in timeout exception

  • merged #2199 eliminate network call if state get is called after set

  • merged #2189 add support to get and set db credentials in an atomic operation

  • merged #2149 make Savepoint rollbacks mark the connection dirty

  • merged #2157 close connections marked as evicted instead of returning them to the pool

  • merged #2147 skip Connection::setNetworkTimeout if PoolBase::shutdownNetworkTimeoutExecutor is called

  • merged #2126 added Support For beginRequest and endRequest

  • small improvements and cleanup from pull request #2166

... (truncated)

Commits
  • c6b5eea [maven-release-plugin] prepare release HikariCP-6.2.0
  • 14f2c6e update release version
  • d32e26e Update CHANGES
  • 5df12d6 Update README.md
  • ec6891a Expand/improve SQLExceptionOverride handling flexibility
  • c7cf4b3 Do not treat a SQLTimeoutException as an evictable offense (#2238)
  • 039942b Update README.md
  • 1695eb5 Update README.md
  • b9690a0 Update README.md
  • d20e547 upgrade commons-compress dependency due to security vulnerability (test scope...
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [com.zaxxer:HikariCP](https://github.com/brettwooldridge/HikariCP) from 6.0.0 to 6.2.0.
- [Changelog](https://github.com/brettwooldridge/HikariCP/blob/dev/CHANGES)
- [Commits](brettwooldridge/HikariCP@HikariCP-6.0.0...HikariCP-6.2.0)

---
updated-dependencies:
- dependency-name: com.zaxxer:HikariCP
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner November 17, 2024 08:50
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Nov 17, 2024
Copy link

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails

Scanned Manifest Files

Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 22, 2024

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/gradle/prime-router/com.zaxxer-HikariCP-6.2.0 branch November 22, 2024 19:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants