Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump gremlinpython from 3.7.2 to 3.7.3 #79

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 30, 2024

Bumps gremlinpython from 3.7.2 to 3.7.3.

Changelog

Sourced from gremlinpython's changelog.

=== TinkerPop 3.7.3 (October 23, 2024)

This release also includes changes from .

  • Refactored mutation events registration by moving reusable code from relevant steps to EventUtil
  • Opened NoOpBarrierStep for extensibility (removed final keyword).
  • Deprecated public constructor for SeedStrategy in favor of builder pattern to be consistent with other strategies.
  • Allowed specification of a customized Spark app name.
  • Added getter method to CoinStep for its probability field.
  • Prevented decimal values from being parsed by asDate().
  • Prevented specification of Cardinality to option() when not used in conjunction with mergeV().
  • Exposed a mechanism for providers to customize the assertion of error messages in feature tests.
  • Attempted to detect JDK version for Gremlin Console to avoid problems with Java 17 if neo4j-gremlin is used.
  • Fixed so that TrimGlobalStep and TrimLocalStep have the same character control handling as Ltrim and Rtrim
  • Fixed a bug in MaxLocalStep, MinLocalStep, MeanLocalStep and SumLocalStep that it throws NoSuchElementException when encounters an empty iterator as input.
  • Fixed cases where Map keys of incomparable types could panic in gremlin-go.
  • Fixed an issue where missing necessary parameters for logging, resulting in '%!x(MISSING)' output in gremlin-go.
  • Added getter method to ConcatStep, ConjoinStep, SplitGlobalStep and SplitLocalStep for their private fields.
  • Fixed older driver GraphBinary compatibility problems where using ReferenceElementStrategy, properties on elements returned as null instead of empty List.
  • Gremlin Server docker containers shutdown gracefully when receiving a SIGTERM.
  • Added 'userProvidedLabel' property to detect if the default label was supplied explicitly or not.
  • Added DefaultIdManager.STRING for proper string id creation/handling.
  • Allowed specification of an Operator as a reducer in withSideEffect when parsing with the grammar.
  • Fixed bug in Bytecode build logic where duplicate strategies were added instead of replacing the existing ones.
  • Bump Groovy to 4.0.23

==== Bugs

  • TINKERPOP-3035 Add explicit property(IDictionary) for .NET
  • TINKERPOP-3050 security vulnerability in logback-core
  • TINKERPOP-3051 security vulnerability in logback-classic
  • TINKERPOP-3052 security vulnerability in ivy
  • TINKERPOP-3053 security vulnerability in netty-codec-http2
  • TINKERPOP-3076 Incorrect handling of large requests in Go GLV
  • TINKERPOP-3077 Javascript translator incorrectly handle quotes, null and undefined values
  • TINKERPOP-3079 The test TraversalStrategiesTest#shouldAllowUserManipulationOfGlobalCache is not idempotent, as it passes in the first run and fails in repeated runs in the same environment.
  • TINKERPOP-3081 When using authentication, evaluationTimeout is ignored
  • TINKERPOP-3089 min() and max() local forms not working properly with empty iterator input
  • TINKERPOP-3090 trim() steps not handling unicode characters properly
  • TINKERPOP-3093 optimization of readmap function
  • TINKERPOP-3105 Running 3.6.x python-driver with 3.7.x server leads to deserialization errors
  • TINKERPOP-3110 Incorrect Bytecode when multiple options are used in traversal
  • TINKERPOP-3116 async_timeout not declared in gremlinpython dependencies

==== Improvements

  • TINKERPOP-2700 WebSocket compression may lead to attacks (CRIME / BREACH)
  • TINKERPOP-3041 Consistent construction of SeedStrategy
  • TINKERPOP-3080 AggregateStep can support all Operators predefined in TinkerPop
  • TINKERPOP-3082 Tinkerpop hardcoded the Spark AppName

... (truncated)

Commits
  • 077e3eb TinkerPop 3.7.3 release
  • a7012c6 CTR docs fixes
  • 18d60c4 Merge branch '3.6-dev' into 3.7-dev
  • 71053f3 TinkerPop 3.6.8 release
  • be8eb02 Merge branch '3.6-dev' into 3.7-dev
  • 8518f75 fix(gremlinpython): add async_timeout to runtime deps (#2844)
  • 43958dc CTR Update NOTICE
  • 0c34840 Prevented asDate from working on decimal numbers. CTR
  • 52f36f5 Merge branch '3.6-dev' into 3.7-dev
  • 2d6814a fix flaky tests in ParametersTest (#2820)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [gremlinpython](https://github.com/apache/tinkerpop) from 3.7.2 to 3.7.3.
- [Changelog](https://github.com/apache/tinkerpop/blob/master/CHANGELOG.asciidoc)
- [Commits](apache/tinkerpop@3.7.2...3.7.3)

---
updated-dependencies:
- dependency-name: gremlinpython
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Oct 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants