Merged
Conversation
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
dependabot
bot
deleted the
dependabot/github_actions/github/codeql-action-4
branch
iemejia
pushed a commit
to iemejia/avro
that referenced
this pull request
Apr 6, 2026
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
RyanSkraba
pushed a commit
to RyanSkraba/avro
that referenced
this pull request
Apr 6, 2026
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
RyanSkraba
added a commit
that referenced
this pull request
Apr 6, 2026
…onsistency (#3693) (#3716) * AVRO-4189: [Java] Use ClassUtils.forName() in FastReaderBuilder for consistency (#3693) FastReaderBuilder.findClass() was using data.getClassLoader().loadClass() directly, bypassing ClassUtils.forName() which is used everywhere else in the codebase. This change aligns FastReaderBuilder with the standard class loading path and adds tests for class loading behavior. * AVRO-4171: [C++] Avoid CMake warnings (#3452) Avoid CMake warnings when the fmt library isn't found on the system, which is the expected default scenario when fetching from git. * AVRO-4170: Improve sync marker error message in DataFileStream (#3446) * [AVRO-4181] add guards around optional bits in installed CMake file (#3491) * [C++] Use GNUInstallDirs to install to the correct folders (#3478) * Update _index.md (#3508) Fixing a small typo * [doc] Update _index.md fixing minor typo Port https://github.com/apache/avro/pull/3508/commits/5941c27d631997afa0e23a0a11f402407a318bb5 to ++version++ * AVRO-4173: [js] Fix namespace inheritance for nested types in schema parsing (#3466) * AVRO-4173: [JS] Fix namespace inheritance for nested types * AVRO-4173: [JS] Refactor getOpts to prevent shared state * Simplify registry and logicalTypes initialization * Revert "Simplify registry and logicalTypes initialization" This reverts commit 28fb6c0fec5077b7f0a5fc36c983fb7e1c50b18b. --------- Co-authored-by: Martin Grigorov <martin-g@users.noreply.github.com> Co-authored-by: Martin Tzvetanov Grigorov <mgrigorov@apache.org> * AVRO-4178: [C++] Remove HAVE_BOOST_ASIO and Boost::system (#3480) * AVRO-4178: [C++] Remove HAVE_BOOST_ASIO and Boost::system deps * modify the old test with workaround suggestion * Bump io.netty:netty-bom from 4.2.4.Final to 4.2.7.Final in /lang/java (#3524) Bumps [io.netty:netty-bom](https://github.com/netty/netty) from 4.2.4.Final to 4.2.7.Final. - [Commits](https://github.com/netty/netty/compare/netty-4.2.4.Final...netty-4.2.7.Final) --- updated-dependencies: - dependency-name: io.netty:netty-bom dependency-version: 4.2.7.Final dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.puppycrawl.tools:checkstyle from 11.0.1 to 12.1.0 in /lang/java (#3523) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 11.0.1 to 12.1.0. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-11.0.1...checkstyle-12.1.0) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-version: 12.1.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.codehaus.mojo:exec-maven-plugin in /lang/java (#3521) Bumps [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) from 3.5.1 to 3.6.2. - [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases) - [Commits](https://github.com/mojohaus/exec-maven-plugin/compare/3.5.1...3.6.2) --- updated-dependencies: - dependency-name: org.codehaus.mojo:exec-maven-plugin dependency-version: 3.6.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump archetype-plugin.version from 3.4.0 to 3.4.1 in /lang/java (#3513) Bumps `archetype-plugin.version` from 3.4.0 to 3.4.1. Updates `org.apache.maven.archetype:archetype-packaging` from 3.4.0 to 3.4.1 - [Release notes](https://github.com/apache/maven-archetype/releases) - [Commits](https://github.com/apache/maven-archetype/compare/maven-archetype-3.4.0...maven-archetype-3.4.1) Updates `org.apache.maven.plugins:maven-archetype-plugin` from 3.4.0 to 3.4.1 - [Release notes](https://github.com/apache/maven-archetype/releases) - [Commits](https://github.com/apache/maven-archetype/compare/maven-archetype-3.4.0...maven-archetype-3.4.1) --- updated-dependencies: - dependency-name: org.apache.maven.archetype:archetype-packaging dependency-version: 3.4.1 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.apache.maven.plugins:maven-archetype-plugin dependency-version: 3.4.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github/codeql-action from 3 to 4 (#3512) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump grpc.version from 1.75.0 to 1.76.0 in /lang/java (#3509) Bumps `grpc.version` from 1.75.0 to 1.76.0. Updates `io.grpc:grpc-core` from 1.75.0 to 1.76.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](https://github.com/grpc/grpc-java/compare/v1.75.0...v1.76.0) Updates `io.grpc:grpc-stub` from 1.75.0 to 1.76.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](https://github.com/grpc/grpc-java/compare/v1.75.0...v1.76.0) Updates `io.grpc:grpc-netty` from 1.75.0 to 1.76.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](https://github.com/grpc/grpc-java/compare/v1.75.0...v1.76.0) --- updated-dependencies: - dependency-name: io.grpc:grpc-core dependency-version: 1.76.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: io.grpc:grpc-stub dependency-version: 1.76.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: io.grpc:grpc-netty dependency-version: 1.76.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.codehaus.mojo:extra-enforcer-rules in /lang/java (#3505) Bumps [org.codehaus.mojo:extra-enforcer-rules](https://github.com/mojohaus/extra-enforcer-rules) from 1.10.0 to 1.11.0. - [Release notes](https://github.com/mojohaus/extra-enforcer-rules/releases) - [Commits](https://github.com/mojohaus/extra-enforcer-rules/compare/1.10.0...1.11.0) --- updated-dependencies: - dependency-name: org.codehaus.mojo:extra-enforcer-rules dependency-version: 1.11.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.github.luben:zstd-jni from 1.5.7-4 to 1.5.7-5 in /lang/java (#3504) Bumps [com.github.luben:zstd-jni](https://github.com/luben/zstd-jni) from 1.5.7-4 to 1.5.7-5. - [Commits](https://github.com/luben/zstd-jni/compare/v1.5.7-4...v1.5.7-5) --- updated-dependencies: - dependency-name: com.github.luben:zstd-jni dependency-version: 1.5.7-5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/setup-node from 4 to 6 (#3522) Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4 to 6. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v4...v6) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.maven.plugins:maven-compiler-plugin in /lang/java (#3499) Bumps [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.14.0 to 3.14.1. - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](https://github.com/apache/maven-compiler-plugin/compare/maven-compiler-plugin-3.14.0...maven-compiler-plugin-3.14.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-version: 3.14.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.maven.plugins:maven-javadoc-plugin in /lang/java (#3494) Bumps [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.11.3 to 3.12.0. - [Release notes](https://github.com/apache/maven-javadoc-plugin/releases) - [Commits](https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.11.3...maven-javadoc-plugin-3.12.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-javadoc-plugin dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.maven.plugins:maven-shade-plugin in /lang/java (#3488) Bumps [org.apache.maven.plugins:maven-shade-plugin](https://github.com/apache/maven-shade-plugin) from 3.6.0 to 3.6.1. - [Release notes](https://github.com/apache/maven-shade-plugin/releases) - [Commits](https://github.com/apache/maven-shade-plugin/compare/maven-shade-plugin-3.6.0...v3.6.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-shade-plugin dependency-version: 3.6.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/setup-python from 5 to 6 (#3485) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5 to 6. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/labeler from 5 to 6 (#3484) Bumps [actions/labeler](https://github.com/actions/labeler) from 5 to 6. - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/labeler dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.google.protobuf:protobuf-java in /lang/java (#3519) Bumps [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) from 4.32.0 to 4.33.0. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: com.google.protobuf:protobuf-java dependency-version: 4.33.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.commons:commons-lang3 in /lang/java (#3498) Bumps org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-lang3 dependency-version: 3.19.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/setup-dotnet from 4 to 5 (#3483) Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 4 to 5. - [Release notes](https://github.com/actions/setup-dotnet/releases) - [Commits](https://github.com/actions/setup-dotnet/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/setup-dotnet dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.maven.plugins:maven-enforcer-plugin in /lang/java (#3501) Bumps [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.6.1 to 3.6.2. - [Release notes](https://github.com/apache/maven-enforcer/releases) - [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.6.1...enforcer-3.6.2) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-enforcer-plugin dependency-version: 3.6.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.mockito:mockito-core from 5.19.0 to 5.20.0 in /lang/java (#3495) Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.19.0 to 5.20.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.19.0...v5.20.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-version: 5.20.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Martin Grigorov <martin-g@users.noreply.github.com> * AVRO-4136: [c] json encoding of byte[] containing 0x00 (#3375) Prevent the fixed and bytes type to be preliminary cut off when they are encoded into the json encoding. * AVRO-4190: [php] Add logical types (#3526) * wip * update logical types * wip - added logical types * update PHP workflow * add composer.json to workflow path * bump composer version * add license to AvroLogicalType.php * add test on logical types * update test and fix default decimal value * improve exception messages * fix lint * improve types * add test for decimal schema validation * add test for decimal schema validation * remove is_numeric * add some test for decimal logical type (bytes) * Add AvroDuration type and extend fixed schema * additional tests for decimal * Bump org.apache.maven.plugins:maven-antrun-plugin in /lang/java (#3535) Bumps [org.apache.maven.plugins:maven-antrun-plugin](https://github.com/apache/maven-antrun-plugin) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/apache/maven-antrun-plugin/releases) - [Commits](https://github.com/apache/maven-antrun-plugin/compare/maven-antrun-plugin-3.1.0...maven-antrun-plugin-3.2.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-antrun-plugin dependency-version: 3.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump junit5.version from 5.13.4 to 5.14.0 in /lang/java (#3534) Bumps `junit5.version` from 5.13.4 to 5.14.0. Updates `org.junit.vintage:junit-vintage-engine` from 5.13.4 to 5.14.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r5.13.4...r5.14.0) Updates `org.junit.jupiter:junit-jupiter` from 5.13.4 to 5.14.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r5.13.4...r5.14.0) --- updated-dependencies: - dependency-name: org.junit.vintage:junit-vintage-engine dependency-version: 5.14.0 dependency-type: direct:development update-type: version-update:semver-minor - dependency-name: org.junit.jupiter:junit-jupiter dependency-version: 5.14.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.maven.plugins:maven-plugin-plugin in /lang/java (#3529) Bumps [org.apache.maven.plugins:maven-plugin-plugin](https://github.com/apache/maven-plugin-tools) from 3.15.1 to 3.15.2. - [Release notes](https://github.com/apache/maven-plugin-tools/releases) - [Commits](https://github.com/apache/maven-plugin-tools/compare/maven-plugin-tools-3.15.1...maven-plugin-tools-3.15.2) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-plugin-plugin dependency-version: 3.15.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.puppycrawl.tools:checkstyle from 12.1.0 to 12.1.1 in /lang/java (#3530) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 12.1.0 to 12.1.1. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-12.1.0...checkstyle-12.1.1) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-version: 12.1.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.github.luben:zstd-jni from 1.5.7-5 to 1.5.7-6 in /lang/java (#3531) Bumps [com.github.luben:zstd-jni](https://github.com/luben/zstd-jni) from 1.5.7-5 to 1.5.7-6. - [Commits](https://github.com/luben/zstd-jni/compare/v1.5.7-5...v1.5.7-6) --- updated-dependencies: - dependency-name: com.github.luben:zstd-jni dependency-version: 1.5.7-6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/upload-artifact from 4 to 5 (#3532) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 5. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/download-artifact from 5 to 6 (#3533) Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5 to 6. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add package-lock.json fpr the docs build Without it the build fails with: ``` npm error code EUSAGE npm error npm error The `npm ci` command can only install with an existing package-lock.json or npm error npm-shrinkwrap.json with lockfileVersion >= 1. Run an install with npm@5 or npm error later to generate a package-lock.json file, then try again. npm error npm error Clean install a project ``` https://github.com/apache/avro/actions/runs/18835986364/job/53736989550 * AVRO-4180: [C++] Add pkg-config file (#3479) * [C++] Add pkg-config file * [C++] Bump minimum required CMake version to 3.20 Required for the cmake_path function for generating the pkg-config file. * [C++] Correctly join paths for pkg-config file * Add ASLv2 to the new file * [C++] add License field to pkg-config file --------- Co-authored-by: Martin Grigorov <martin-g@users.noreply.github.com> * Bump com.fasterxml.jackson:jackson-bom in /lang/java (#3541) Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.20.0 to 2.20.1. - [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.20.0...jackson-bom-2.20.1) --- updated-dependencies: - dependency-name: com.fasterxml.jackson:jackson-bom dependency-version: 2.20.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump junit5.version from 5.14.0 to 5.14.1 in /lang/java (#3540) Bumps `junit5.version` from 5.14.0 to 5.14.1. Updates `org.junit.vintage:junit-vintage-engine` from 5.14.0 to 5.14.1 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r5.14.0...r5.14.1) Updates `org.junit.jupiter:junit-jupiter` from 5.14.0 to 5.14.1 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r5.14.0...r5.14.1) --- updated-dependencies: - dependency-name: org.junit.vintage:junit-vintage-engine dependency-version: 5.14.1 dependency-type: direct:development update-type: version-update:semver-patch - dependency-name: org.junit.jupiter:junit-jupiter dependency-version: 5.14.1 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * AVRO-3936: Clean up NOTICE and LICENSE file (#3245) * AVRO-3936: Clean up NOTICE and LICENSE file https://issues.apache.org/jira/browse/AVRO-1769 The implementation of Jansson has been removed. https://github.com/apache/avro/pull/307 The implementation of nunit.framework.dll,Newtonsoft.Json.dll and Castle.Core.dll has been removed. https://github.com/apache/avro/pull/2756/ The implementation of m4 macros has been removed. https://github.com/apache/avro/commit/8a42cd0642fcadca7765f59d83a059b1eddb26bd Boost.hhThe implementation of Boost.hh has been removed. * Update copyright year in NOTICE.txt --------- Co-authored-by: Martin Grigorov <martin-g@users.noreply.github.com> * AVRO-4194: remove PHP EOL versions and use new language features (#3528) * remove PHP EOL version, add PHP cs fixer and fix test directory * add license to .php-cs-fixer.dist.php * fix missing quote in test-lang-php.yml * apply automatic changes to lib files and update AvroIO * update composer version in Dockerfile * add phpstan, initial cleanup of lib directory * Remove invalid covers annotations * fix build.sh * phpstan.neon license * improve AvroProtocol code & tests, add/fix types * fix AvroProtocol due to missing json_validate in php < 8.3 * add other types * add types and checks * remove squizlabs/php_codesniffer * fix some bugs and update static analysis to level 3 * add missing license * review - fixes * review - apply lint on lib * review - apply lint on lib * add doc field for fixed schemas * Bump commons-cli:commons-cli from 1.10.0 to 1.11.0 in /lang/java (#3556) Bumps [commons-cli:commons-cli](https://github.com/apache/commons-cli) from 1.10.0 to 1.11.0. - [Changelog](https://github.com/apache/commons-cli/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-cli/compare/rel/commons-cli-1.10.0...rel/commons-cli-1.11.0) --- updated-dependencies: - dependency-name: commons-cli:commons-cli dependency-version: 1.11.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.google.protobuf:protobuf-java in /lang/java (#3555) Bumps [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) from 4.33.0 to 4.33.1. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: com.google.protobuf:protobuf-java dependency-version: 4.33.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.puppycrawl.tools:checkstyle from 12.1.1 to 12.1.2 in /lang/java (#3554) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 12.1.1 to 12.1.2. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-12.1.1...checkstyle-12.1.2) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-version: 12.1.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump autoprefixer from 10.4.21 to 10.4.22 in /doc (#3553) Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.21 to 10.4.22. - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/autoprefixer/compare/10.4.21...10.4.22) --- updated-dependencies: - dependency-name: autoprefixer dependency-version: 10.4.22 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.commons:commons-lang3 in /lang/java (#3552) Bumps org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-lang3 dependency-version: 3.20.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.tukaani:xz from 1.10 to 1.11 in /lang/java (#3576) Bumps [org.tukaani:xz](https://github.com/tukaani-project/xz-java) from 1.10 to 1.11. - [Release notes](https://github.com/tukaani-project/xz-java/releases) - [Changelog](https://github.com/tukaani-project/xz-java/blob/master/NEWS.md) - [Commits](https://github.com/tukaani-project/xz-java/compare/v1.10...v1.11) --- updated-dependencies: - dependency-name: org.tukaani:xz dependency-version: '1.11' dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/checkout from 5 to 6 (#3573) Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump grpc.version from 1.76.0 to 1.77.0 in /lang/java (#3574) Bumps `grpc.version` from 1.76.0 to 1.77.0. Updates `io.grpc:grpc-core` from 1.76.0 to 1.77.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](https://github.com/grpc/grpc-java/compare/v1.76.0...v1.77.0) Updates `io.grpc:grpc-stub` from 1.76.0 to 1.77.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](https://github.com/grpc/grpc-java/compare/v1.76.0...v1.77.0) Updates `io.grpc:grpc-netty` from 1.76.0 to 1.77.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](https://github.com/grpc/grpc-java/compare/v1.76.0...v1.77.0) --- updated-dependencies: - dependency-name: io.grpc:grpc-core dependency-version: 1.77.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: io.grpc:grpc-stub dependency-version: 1.77.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: io.grpc:grpc-netty dependency-version: 1.77.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump BenchmarkDotNet from 0.13.10 to 0.15.8 (#3583) --- updated-dependencies: - dependency-name: BenchmarkDotNet dependency-version: 0.15.8 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump Newtonsoft.Json from 13.0.1 to 13.0.4 (#3568) --- updated-dependencies: - dependency-name: Newtonsoft.Json dependency-version: 13.0.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump Microsoft.NET.Test.Sdk from 17.8.0 to 17.13.0 (#3567) --- updated-dependencies: - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 17.13.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump coverlet.msbuild from 6.0.0 to 6.0.4 (#3562) --- updated-dependencies: - dependency-name: coverlet.msbuild dependency-version: 6.0.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.maven.plugins:maven-source-plugin in /lang/java (#3582) Bumps [org.apache.maven.plugins:maven-source-plugin](https://github.com/apache/maven-source-plugin) from 3.3.1 to 3.4.0. - [Release notes](https://github.com/apache/maven-source-plugin/releases) - [Commits](https://github.com/apache/maven-source-plugin/compare/maven-source-plugin-3.3.1...maven-source-plugin-3.4.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-source-plugin dependency-version: 3.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * AVRO-4212: add PHP 8.5 to test matrix (#3578) * add PHP 8.5 to test matrix * add PHP 8.5 to test matrix * Bump com.puppycrawl.tools:checkstyle from 12.1.2 to 12.2.0 in /lang/java (#3581) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 12.1.2 to 12.2.0. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-12.1.2...checkstyle-12.2.0) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-version: 12.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Ensure nuget packages expose license via SPDX expression (#3580) * Bump System.CodeDom from 8.0.0 to 10.0.0 (#3572) --- updated-dependencies: - dependency-name: System.CodeDom dependency-version: 10.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump NUnit.ConsoleRunner from 3.16.3 to 3.20.2 (#3570) --- updated-dependencies: - dependency-name: NUnit.ConsoleRunner dependency-version: 3.20.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump coverlet.collector from 6.0.0 to 6.0.4 (#3561) --- updated-dependencies: - dependency-name: coverlet.collector dependency-version: 6.0.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Martin Grigorov <martin-g@users.noreply.github.com> * Bump Microsoft.Build.Framework and Microsoft.Build.Utilities.Core (#3565) Bumps Microsoft.Build.Framework from 17.8.43 to 18.0.2 Bumps Microsoft.Build.Utilities.Core from 17.8.43 to 18.0.2 --- updated-dependencies: - dependency-name: Microsoft.Build.Framework dependency-version: 18.0.2 dependency-type: direct:production update-type: version-update:semver-major - dependency-name: Microsoft.Build.Utilities.Core dependency-version: 18.0.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Martin Grigorov <martin-g@users.noreply.github.com> * Bump NUnit3TestAdapter from 4.5.0 to 5.2.0 (#3571) --- updated-dependencies: - dependency-name: NUnit3TestAdapter dependency-version: 5.2.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Martin Grigorov <martin-g@users.noreply.github.com> * Bump com.google.protobuf:protobuf-java in /lang/java (#3585) Bumps [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) from 4.33.1 to 4.33.2. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: com.google.protobuf:protobuf-java dependency-version: 4.33.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.rat:apache-rat-plugin from 0.16.1 to 0.17 in /lang/java (#3520) Bumps org.apache.rat:apache-rat-plugin from 0.16.1 to 0.17. --- updated-dependencies: - dependency-name: org.apache.rat:apache-rat-plugin dependency-version: '0.17' dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump Microsoft.CodeAnalysis.NetAnalyzers from 8.0.0 to 10.0.100 (#3587) --- updated-dependencies: - dependency-name: Microsoft.CodeAnalysis.NetAnalyzers dependency-version: 10.0.100 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump NUnit.ConsoleRunner from 3.20.2 to 3.21.0 (#3588) --- updated-dependencies: - dependency-name: NUnit.ConsoleRunner dependency-version: 3.21.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump NUnit.ConsoleRunner from 3.21.0 to 3.21.1 (#3605) --- updated-dependencies: - dependency-name: NUnit.ConsoleRunner dependency-version: 3.21.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump io.netty:netty-bom from 4.2.7.Final to 4.2.9.Final in /lang/java (#3604) Bumps [io.netty:netty-bom](https://github.com/netty/netty) from 4.2.7.Final to 4.2.9.Final. - [Commits](https://github.com/netty/netty/compare/netty-4.2.7.Final...netty-4.2.9.Final) --- updated-dependencies: - dependency-name: io.netty:netty-bom dependency-version: 4.2.9.Final dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump autoprefixer from 10.4.22 to 10.4.23 in /doc (#3603) Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.22 to 10.4.23. - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/autoprefixer/compare/10.4.22...10.4.23) --- updated-dependencies: - dependency-name: autoprefixer dependency-version: 10.4.23 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump System.CodeDom from 10.0.0 to 10.0.1 (#3599) --- updated-dependencies: - dependency-name: System.CodeDom dependency-version: 10.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump Microsoft.CodeAnalysis.NetAnalyzers from 10.0.100 to 10.0.101 (#3598) --- updated-dependencies: - dependency-name: Microsoft.CodeAnalysis.NetAnalyzers dependency-version: 10.0.101 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/cache from 4 to 5 (#3597) Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/upload-artifact from 5 to 6 (#3596) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 6. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.puppycrawl.tools:checkstyle from 12.2.0 to 12.3.0 in /lang/java (#3595) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 12.2.0 to 12.3.0. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-12.2.0...checkstyle-12.3.0) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-version: 12.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/download-artifact from 6 to 7 (#3594) Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6 to 7. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.commons:commons-text from 1.14.0 to 1.15.0 in /lang/java (#3591) Bumps [org.apache.commons:commons-text](https://github.com/apache/commons-text) from 1.14.0 to 1.15.0. - [Changelog](https://github.com/apache/commons-text/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-text/compare/rel/commons-text-1.14.0...rel/commons-text-1.15.0) --- updated-dependencies: - dependency-name: org.apache.commons:commons-text dependency-version: 1.15.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.mockito:mockito-core from 5.20.0 to 5.21.0 in /lang/java (#3592) Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.20.0 to 5.21.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.20.0...v5.21.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-version: 5.21.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.codehaus.mojo:exec-maven-plugin in /lang/java (#3609) Bumps [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) from 3.6.2 to 3.6.3. - [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases) - [Commits](https://github.com/mojohaus/exec-maven-plugin/compare/3.6.2...3.6.3) --- updated-dependencies: - dependency-name: org.codehaus.mojo:exec-maven-plugin dependency-version: 3.6.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump grpc.version from 1.77.0 to 1.78.0 in /lang/java (#3608) Bumps `grpc.version` from 1.77.0 to 1.78.0. Updates `io.grpc:grpc-core` from 1.77.0 to 1.78.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](https://github.com/grpc/grpc-java/compare/v1.77.0...v1.78.0) Updates `io.grpc:grpc-stub` from 1.77.0 to 1.78.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](https://github.com/grpc/grpc-java/compare/v1.77.0...v1.78.0) Updates `io.grpc:grpc-netty` from 1.77.0 to 1.78.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](https://github.com/grpc/grpc-java/compare/v1.77.0...v1.78.0) --- updated-dependencies: - dependency-name: io.grpc:grpc-core dependency-version: 1.78.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: io.grpc:grpc-stub dependency-version: 1.78.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: io.grpc:grpc-netty dependency-version: 1.78.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump NUnit.ConsoleRunner from 3.21.1 to 3.22.0 (#3613) --- updated-dependencies: - dependency-name: NUnit.ConsoleRunner dependency-version: 3.22.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.puppycrawl.tools:checkstyle from 12.3.0 to 12.3.1 in /lang/java (#3612) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 12.3.0 to 12.3.1. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-12.3.0...checkstyle-12.3.1) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-version: 12.3.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * remove plural marker on abstract non-count noun (#3615) "Overhead" is an abstract non-count noun and thus it is not normally possible to pluralize it in English. In this respect it is like "information" or "happiness". I was not sure which file to make this change in, as I don't know which files are derived from which. I've you'd like, I can make the change in another location—just let me know where it makes the most sense. I hope this is helpful. * Bump System.CodeDom from 10.0.1 to 10.0.2 (#3629) --- updated-dependencies: - dependency-name: System.CodeDom dependency-version: 10.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.google.protobuf:protobuf-java in /lang/java (#3627) Bumps [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) from 4.33.2 to 4.33.4. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: com.google.protobuf:protobuf-java dependency-version: 4.33.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * AVRO-4226: Missing doc attributes for record fields (#3624) * bump composer version * add missing doc attribute to AvroField * review + code improvements * remove AvroNamedSchemata passed by reference * SchemaTest improvements * apply Copilot/Martin suggestions * Update lang/php/lib/Schema/AvroArraySchema.php Co-authored-by: Martin Grigorov <martin-g@users.noreply.github.com> --------- Co-authored-by: Martin Grigorov <martin-g@users.noreply.github.com> * [C] Fix negative block size validation in datafile reader (#3623) * [C] Fix negative block size validation in datafile reader The file_read_block_count() function in datafile.c reads block size using zigzag encoding, which can produce negative numbers from malicious Avro container files. These negative values were passed directly to avro_malloc(), causing allocation failures. This patch adds validation to reject negative block size values with a clear error message before attempting memory allocation. Bug: Negative block size from varint decoding causes allocation-size-too-big when cast to size_t Impact: DoS via crafted .avro file Co-Authored-By: Claude <noreply@anthropic.com> * Add NULL checks after malloc/realloc in file_read_block_count This addresses reviewer feedback about handling allocation failures. When block_size is a very large positive number, malloc/realloc will fail and return NULL. Without NULL checks, this would lead to a null pointer dereference. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com> * [C] Fix negative length validation in binary decoding (#3622) * [C] Fix negative length validation in read_bytes and read_string The read_bytes() and read_string() functions in encoding_binary.c decode length values using zigzag encoding, which can produce negative numbers from malicious input. These negative values were passed directly to avro_malloc(), causing allocation failures or undefined behavior. This patch adds validation to reject negative length values with a clear error message before attempting memory allocation. Bug: Negative length values from varint decoding cause allocation-size-too-big when cast to size_t Impact: DoS via crafted binary input Co-Authored-By: Claude <noreply@anthropic.com> * Update lang/c/src/encoding_binary.c Co-authored-by: Martin Grigorov <martin-g@users.noreply.github.com> * Fix indentation in skip_bytes validation --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Martin Grigorov <martin-g@users.noreply.github.com> * Bump com.puppycrawl.tools:checkstyle from 12.3.1 to 13.0.0 in /lang/java (#3620) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 12.3.1 to 13.0.0. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-12.3.1...checkstyle-13.0.0) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-version: 13.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump junit5.version from 5.14.1 to 5.14.2 in /lang/java (#3618) Bumps `junit5.version` from 5.14.1 to 5.14.2. Updates `org.junit.vintage:junit-vintage-engine` from 5.14.1 to 5.14.2 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r5.14.1...r5.14.2) Updates `org.junit.jupiter:junit-jupiter` from 5.14.1 to 5.14.2 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r5.14.1...r5.14.2) --- updated-dependencies: - dependency-name: org.junit.vintage:junit-vintage-engine dependency-version: 5.14.2 dependency-type: direct:development update-type: version-update:semver-patch - dependency-name: org.junit.jupiter:junit-jupiter dependency-version: 5.14.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add byte swap definition for Android platform (#3617) * chore: Format Python code to make its linter happy (#3631) https://github.com/apache/avro/actions/runs/21238630219/job/61111610761 ``` lint: commands[1]> black --check . would reformat /home/runner/work/avro/avro/lang/py/avro/constants.py would reformat /home/runner/work/avro/avro/lang/py/avro/__main__.py would reformat /home/runner/work/avro/avro/lang/py/avro/datafile.py would reformat /home/runner/work/avro/avro/lang/py/avro/name.py would reformat /home/runner/work/avro/avro/lang/py/avro/test/test_schema.py Oh no! 💥 💔 💥 5 files would be reformatted, 36 files would be left unchanged. lint: exit 1 (2.52 seconds) /home/runner/work/avro/avro/lang/py> black --check . pid=3003 lint: FAIL code 1 (9.68=setup[6.91]+cmd[0.25,2.52] seconds) evaluation failed :( (9.71 seconds) ``` Reformatted the code by temporary removing `check` in `black check .` in tox.ini, running `./build.sh lint`, restore `check` * fix:improve footer responsiveness on smaller screens (#3626) * fix:improve footer responsiveness on smaller screens * fix: address footer responsiveness review feedback * Bump com.fasterxml.jackson:jackson-bom in /lang/java (#3633) Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.20.1 to 2.21.0. - [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.20.1...jackson-bom-2.21.0) --- updated-dependencies: - dependency-name: com.fasterxml.jackson:jackson-bom dependency-version: 2.21.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache:apache from 35 to 37 in /lang/java (#3628) Bumps [org.apache:apache](https://github.com/apache/maven-apache-parent) from 35 to 37. - [Release notes](https://github.com/apache/maven-apache-parent/releases) - [Commits](https://github.com/apache/maven-apache-parent/commits) --- updated-dependencies: - dependency-name: org.apache:apache dependency-version: '37' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Improve code quality and increase PHPStan level (#3634) * improve code quality and increase phpstan level * update exception messages and fixes check for bz2 * review, round one * fix bug in AvroStringIO.php * fix check on primitive type in AvroIODatumReader.php * Bump com.google.protobuf:protobuf-java in /lang/java (#3644) Bumps [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) from 4.33.4 to 4.33.5. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: com.google.protobuf:protobuf-java dependency-version: 4.33.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.puppycrawl.tools:checkstyle from 13.0.0 to 13.2.0 in /lang/java (#3643) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 13.0.0 to 13.2.0. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-13.0.0...checkstyle-13.2.0) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-version: 13.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.maven.plugins:maven-compiler-plugin in /lang/java (#3642) Bumps [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.14.1 to 3.15.0. - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](https://github.com/apache/maven-compiler-plugin/compare/maven-compiler-plugin-3.14.1...maven-compiler-plugin-3.15.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-version: 3.15.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.github.luben:zstd-jni from 1.5.7-6 to 1.5.7-7 in /lang/java (#3641) Bumps [com.github.luben:zstd-jni](https://github.com/luben/zstd-jni) from 1.5.7-6 to 1.5.7-7. - [Commits](https://github.com/luben/zstd-jni/compare/v1.5.7-6...v1.5.7-7) --- updated-dependencies: - dependency-name: com.github.luben:zstd-jni dependency-version: 1.5.7-7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump grpc.version from 1.78.0 to 1.79.0 in /lang/java (#3639) Bumps `grpc.version` from 1.78.0 to 1.79.0. Updates `io.grpc:grpc-core` from 1.78.0 to 1.79.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](https://github.com/grpc/grpc-java/compare/v1.78.0...v1.79.0) Updates `io.grpc:grpc-stub` from 1.78.0 to 1.79.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](https://github.com/grpc/grpc-java/compare/v1.78.0...v1.79.0) Updates `io.grpc:grpc-netty` from 1.78.0 to 1.79.0 - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](https://github.com/grpc/grpc-java/compare/v1.78.0...v1.79.0) --- updated-dependencies: - dependency-name: io.grpc:grpc-core dependency-version: 1.79.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: io.grpc:grpc-stub dependency-version: 1.79.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: io.grpc:grpc-netty dependency-version: 1.79.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump autoprefixer from 10.4.23 to 10.4.24 in /doc (#3637) Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.23 to 10.4.24. - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/autoprefixer/compare/10.4.23...10.4.24) --- updated-dependencies: - dependency-name: autoprefixer dependency-version: 10.4.24 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump io.netty:netty-bom from 4.2.9.Final to 4.2.10.Final in /lang/java (#3640) Bumps [io.netty:netty-bom](https://github.com/netty/netty) from 4.2.9.Final to 4.2.10.Final. - [Commits](https://github.com/netty/netty/compare/netty-4.2.9.Final...netty-4.2.10.Final) --- updated-dependencies: - dependency-name: io.netty:netty-bom dependency-version: 4.2.10.Final dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: correct typo 'Recieve' to 'Receive' in docstring (#3647) Co-authored-by: thecaptain789 <thecaptain789@users.noreply.github.com> * Bump junit5.version from 5.14.2 to 5.14.3 in /lang/java (#3652) Bumps `junit5.version` from 5.14.2 to 5.14.3. Updates `org.junit.vintage:junit-vintage-engine` from 5.14.2 to 5.14.3 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r5.14.2...r5.14.3) Updates `org.junit.jupiter:junit-jupiter` from 5.14.2 to 5.14.3 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r5.14.2...r5.14.3) --- updated-dependencies: - dependency-name: org.junit.vintage:junit-vintage-engine dependency-version: 5.14.3 dependency-type: direct:development update-type: version-update:semver-patch - dependency-name: org.junit.jupiter:junit-jupiter dependency-version: 5.14.3 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump System.CodeDom from 10.0.2 to 10.0.3 (#3657) --- updated-dependencies: - dependency-name: System.CodeDom dependency-version: 10.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump Microsoft.Build.Framework and Microsoft.Build.Utilities.Core (#3656) Bumps Microsoft.Build.Framework from 18.0.2 to 18.3.3 Bumps Microsoft.Build.Utilities.Core from 18.0.2 to 18.3.3 --- updated-dependencies: - dependency-name: Microsoft.Build.Framework dependency-version: 18.3.3 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: Microsoft.Build.Utilities.Core dependency-version: 18.3.3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump coverlet.collector from 6.0.4 to 8.0.0 (#3653) --- updated-dependencies: - dependency-name: coverlet.collector dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump coverlet.msbuild from 6.0.4 to 8.0.0 (#3654) --- updated-dependencies: - dependency-name: coverlet.msbuild dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * AVRO-4228: [c++] Fix BinaryDecoder::arrayNext() to handle negative block counts (#3646) * AVRO-4228: Fix BinaryDecoder::arrayNext() to handle negative block counts * AVRO-4228: Add test for arrayNext() with negative block counts * AVRO-4228: Move negative block count to second block in test * AVRO-4228: Avoid undefined behavior when negating INT64_MIN in doDecodeItemCount --------- Co-authored-by: Gabriel Feyer <gabriel.feyer@indexexchange.com> * Upgrade jquery to 3.7.1 due to CVE-2019-11358 (#3579) * Upgrade jquery to 3.5.0 due to CVE-2019-11358 * bump jquery to 3.7.1 * AVRO-4229 - Update StatsServer resource handler (#3648) * AVRO-4229 - Update StatsServer resource handler * Fix review comments - moved ASFv2 to the top - static content only served when it is available * Bump org.javacc.plugin:javacc-maven-plugin in /lang/java (#3663) Bumps [org.javacc.plugin:javacc-maven-plugin](https://github.com/javacc/javacc-maven-plugin) from 3.0.3 to 3.8.0. - [Release notes](https://github.com/javacc/javacc-maven-plugin/releases) - [Changelog](https://github.com/javacc/javacc-maven-plugin/blob/master/docs/release-notes.html) - [Commits](https://github.com/javacc/javacc-maven-plugin/compare/javacc-maven-plugin-3.0.3...v3.8.0) --- updated-dependencies: - dependency-name: org.javacc.plugin:javacc-maven-plugin dependency-version: 3.8.0 dependency-type: direct:production update-type: version-update:semver-m…
RyanSkraba
pushed a commit
to RyanSkraba/avro
that referenced
this pull request
Apr 6, 2026
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps github/codeql-action from 3 to 4.
Release notes
Sourced from github/codeql-action's releases.
... (truncated)
Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
a841c54ScratchuploadSpecifiedFilestests, makeuploadPayloadtests insteadaeb12f6Merge branch 'main' into redsun82/skip-sarif-upload-tests6fd4cebMerge pull request #3189 from github/henrymercer/download-codeql-rate-limit196a3e5Merge pull request #3188 from github/mbg/telemetry/partial-config98abb87Add configuration error for rate limited CodeQL downloadbdd2cdfAlso includelanguagein error status report forstart-proxy, if availablefb14878Includelanguagesinstart-proxytelemetry2ff418fParselanguagebefore callinggetCredentialsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)