Bump com.google.code.gson:gson from 2.9.1 to 2.14.0#37
Open
dependabot[bot] wants to merge 1 commit into
Open
Conversation
Bumps [com.google.code.gson:gson](https://github.com/google/gson) from 2.9.1 to 2.14.0. - [Release notes](https://github.com/google/gson/releases) - [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md) - [Commits](google/gson@gson-parent-2.9.1...gson-parent-2.14.0) --- updated-dependencies: - dependency-name: com.google.code.gson:gson dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
|
PR: #37 Note: This metadata is also included in the Gerrit commit message for reconciliation. |
|
Change raised in Gerrit by GitHub2Gerrit: https://gerrit.onap.org/r/c/aai/aai-common/+/144183 |
onap-github
pushed a commit
that referenced
this pull request
May 13, 2026
## Release notes Sourced from com.google.code.gson:gson's releases. Gson 2.14.0 What's Changed Add type adapters for java.time classes by @eamonnmcmanus in google/gson#2948 When the java.time API is available, Gson automatically can read and write instances of classes like Instant and Duration. The format it uses essentially freezes the JSON representation that ReflectiveTypeAdapterFactory established by default, based on the private fields of java.time classes. That's not a great representation, but it is understandable. Changing it to anything else would break compatibility with systems that are expecting the current format. With this change, Gson no longer tries to access private fields of these classes using reflection. So it is no longer necessary to run with --add-opens for these classes on recent JDKs. Remove com.google.gson.graph by @eamonnmcmanus in google/gson#2990. This package was not part of any released artifact and depended on Gson internals in potentially problematic ways. Validate that strings being parsed as integers consist of ASCII characters by @eamonnmcmanus in google/gson#2995 Previously, strings could contain non-ASCII Unicode digits and still be parsed as integers. That's inconsistent with how JSON numbers are treated. Fix duplicate key detection when first value is null by @andrewstellman in google/gson#3006 This could potentially break code that was relying on the incorrect behaviour. For example, this JSON string was previously accepted but will no longer be: {"foo": null, "foo": bar}. Remove Serializable from internal Type implementation classes. by @eamonnmcmanus in google/gson#3011 The nested classes ParameterizedTypeImpl, GenericArrayTypeImpl, and WildcardTypeImpl in GsonTypes are implementations of the corresponding types (without Impl) in java.lang.reflect. For some reason, they were serializable, even though the java.lang.reflect implementations are not. Having unnecessarily serializable classes could conceivably have been a security problem if they were part of a larger exploit using serialization. (We do not consider this a likely scenario and do not suggest that you need to update Gson just to get this change.) Add LegacyProtoTypeAdapterFactory. by @eamonnmcmanus in google/gson#3014 This is not part of any released artifact, but may be of use when trying to fix code that is currently accessing the internals of protobuf classes via reflection. Make AppendableWriter do flush and close if delegation object supports by @MukjepScarlet in google/gson#2925 Other less visible changes Add default capacity to EnumTypeAdapter maps by @MukjepScarlet in google/gson#2959 refactor: move derived adapters from Gson to TypeAdapters by @MukjepScarlet in google/gson#2951 Optimize new Gson() by @MukjepScarlet in google/gson#2864 New Contributors @ThirdGoddess made their first contribution in google/gson#2944 @lmj798 made their first contribution in google/gson#2988 @Eng-YasminKotb made their first contribution in google/gson#3005 @andrewstellman made their first contribution in google/gson#3006 Full Changelog: google/gson@gson-parent-2.13.2...gson-parent-2.14.0 Gson 2.13.2 The main changes in this release are just newer dependencies. ... (truncated) ## Changelog Sourced from com.google.code.gson:gson's changelog. Change Log The change log for versions newer than 2.10 is available only on the GitHub Releases page. Version 2.10 Support for serializing and deserializing Java records, on Java ≥ 16. (google/gson#2201) Add JsonArray.asList and JsonObject.asMap view methods (google/gson#2225) Fix TypeAdapterRuntimeTypeWrapper not detecting reflective TreeTypeAdapter and FutureTypeAdapter (google/gson#1787) Improve JsonReader.skipValue() (google/gson#2062) Perform numeric conversion for primitive numeric type adapters (google/gson#2158) Add Gson.fromJson(..., TypeToken) overloads (google/gson#1700) Fix changes to GsonBuilder affecting existing Gson instances (google/gson#1815) Make JsonElement conversion methods more consistent and fix javadoc (google/gson#2178) Throw UnsupportedOperationException when JsonWriter.jsonValue is not supported (google/gson#1651) Disallow JsonObject Entry.setValue(null) (google/gson#2167) Fix TypeAdapter.toJson throwing AssertionError for custom IOException (google/gson#2172) Convert null to JsonNull for JsonArray.set (google/gson#2170) Fixed nullSafe usage. (google/gson#1555) Validate TypeToken.getParameterized arguments (google/gson#2166) Fix #1702: Gson.toJson creates CharSequence which does not implement toString (google/gson#1703) Prefer existing adapter for concurrent Gson.getAdapter calls (google/gson#2153) Improve ArrayTypeAdapter for Object[] (google/gson#1716) Improve AppendableWriter performance (google/gson#1706) ## Commits 3ff35d6 [maven-release-plugin] prepare release gson-parent-2.14.0 a3024fd Bump the maven group with 13 updates (#3002) 5689ffe Bump the github-actions group across 1 directory with 3 updates (#3018) 48db33c Add LegacyProtoTypeAdapterFactory. (#3014) 53d703e Update outdated comment regarding serializable types (#3012) 0189b72 Remove Serializable from internal Type implementation classes. (#3011) f4d371d Fix duplicate key detection when first value is null (#3006) 27d9ba1 Fix typo in README (JPMS dependencies section) (#3005) 1fa9b7a Validate that strings being parsed as integers consist of ASCII characters (# b7d5954 Add iterator fail-fast tests for LinkedTreeMap.clear() (#2992) Additional commits viewable in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I3707533b94e77d221389af97baae133d90bdb985 GitHub-PR: #37 GitHub-Hash: dc2f307754a500e1 Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps com.google.code.gson:gson from 2.9.1 to 2.14.0.
Release notes
Sourced from com.google.code.gson:gson's releases.
... (truncated)
Changelog
Sourced from com.google.code.gson:gson's changelog.
Commits
3ff35d6[maven-release-plugin] prepare release gson-parent-2.14.0a3024fdBump the maven group with 13 updates (#3002)5689ffeBump the github-actions group across 1 directory with 3 updates (#3018)48db33cAddLegacyProtoTypeAdapterFactory. (#3014)53d703eUpdate outdated comment regarding serializable types (#3012)0189b72RemoveSerializablefrom internalTypeimplementation classes. (#3011)f4d371dFix duplicate key detection when first value is null (#3006)27d9ba1Fix typo in README (JPMS dependencies section) (#3005)1fa9b7aValidate that strings being parsed as integers consist of ASCII characters (#...b7d5954Add iterator fail-fast tests for LinkedTreeMap.clear() (#2992)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)