Automatic backporting workflow from 4.1 to 4.2#16273
Merged
Conversation
This reverts commit a2b9c6d.
The workflow must run on the `pull_request_target` trigger instead of `pull_request`, which is in the context of the base branch rather than the merge commit, in order to have access to secrets.
Since the backport job can trigger on both merging and labeling there's a chance that multiple jobs can be enqueued for the same PR. Add concurrency control groups based on the merge commit, and cancel previously submitted or in-progress jobs to that we only run on the latest.
Since the workflow now runs in the base repository context, the GITHUB_TOKEN should in theory grant sufficient access to push branches, open pull requests and add comments. Thus we no longer need to install SSH keys or use a Personal Access Token.
The head_sha is something that theoretically can change.
The `pull_request.labels` array is always available so I don't think we need to differentiate between the PR being merged or labeled – just that the final result is labeled and merged.
This is probably still need to, as the documentation say, "run authenticated git commands".
netty-project-bot
pushed a commit
that referenced
this pull request
Feb 13, 2026
Motivation: We often backport PRs from 4.2 to 4.1. Because these branches are very similar, cherry-picking often applies cleanly. Modification: Add a workflow that triggers when a is PRs merged into 4.2 with the `needs-cherry-pick-4.1` label, or when a merged PR is labelled with `needs-cherry-pick-4.1`. The workflow triggers on `pull_request_target` so that it runs in the context of the base branch, rather than the PR, which gives it access to repository secrets – this is safe because we're not running any code that's been added or modified by the PR in question. The workflow checks out the full git history, and tries to cherry-pick the merge commit onto `4.1` and create a pull-request. Finally, the workflow adds a comment to the original PR, linking the backport PR if the cherry-pick succeeded, or reporting failure if it didn't. The back port branch are pushed back to the netty/netty repository using the same SSH key we use to push release tags. Result: Easier to keep 4.1 up to date with bug fixes we do in 4.2. This PR attempts to fix the issues encountered with #16269 and #16271 (cherry picked from commit c0c2c27)
|
Backport PR for 4.1: #16274 |
chrisvest
added a commit
to chrisvest/netty
that referenced
this pull request
Feb 13, 2026
Motivation: Following the success of netty#16273 we should also have workflows for porting 4.2 -> 5.0, and 5.0 -> 4.2. Modification: Copy the 4.2 -> 4.1 porting workflow and make adjustments to port between 4.2 and 5.0. Result: More automated PR porting between our branches.
chrisvest
added a commit
that referenced
this pull request
Feb 13, 2026
Backport of #16273 to 4.1 Cherry-picked commit: c0c2c27 --- Motivation: We often backport PRs from 4.2 to 4.1. Because these branches are very similar, cherry-picking often applies cleanly. Modification: Add a workflow that triggers when a is PRs merged into 4.2 with the `needs-cherry-pick-4.1` label, or when a merged PR is labelled with `needs-cherry-pick-4.1`. The workflow triggers on `pull_request_target` so that it runs in the context of the base branch, rather than the PR, which gives it access to repository secrets – this is safe because we're not running any code that's been added or modified by the PR in question. The workflow checks out the full git history, and tries to cherry-pick the merge commit onto `4.1` and create a pull-request. Finally, the workflow adds a comment to the original PR, linking the backport PR if the cherry-pick succeeded, or reporting failure if it didn't. The back port branch are pushed back to the netty/netty repository using the same SSH key we use to push release tags. Result: Easier to keep 4.1 up to date with bug fixes we do in 4.2. This PR attempts to fix the issues encountered with #16269 and #16271 Co-authored-by: Chris Vest <christianvest_hansen@apple.com>
chrisvest
added a commit
that referenced
this pull request
Feb 17, 2026
Motivation: Following the success of #16273 we should also have workflows for porting 4.2 -> 5.0, and 5.0 -> 4.2. Modification: Copy the 4.2 -> 4.1 porting workflow and make adjustments to port between 4.2 and 5.0. Result: More automated PR porting between our branches.
netty-project-bot
pushed a commit
that referenced
this pull request
Feb 17, 2026
Motivation: Following the success of #16273 we should also have workflows for porting 4.2 -> 5.0, and 5.0 -> 4.2. Modification: Copy the 4.2 -> 4.1 porting workflow and make adjustments to port between 4.2 and 5.0. Result: More automated PR porting between our branches. (cherry picked from commit b31b49c)
chrisvest
added a commit
to chrisvest/netty
that referenced
this pull request
Feb 17, 2026
Motivation: Following the success of netty#16273 we should also have workflows for porting 4.2 -> 5.0, and 5.0 -> 4.2. Modification: Copy the 4.2 -> 4.1 porting workflow and make adjustments to port between 4.2 and 5.0. Result: More automated PR porting between our branches. Also fixes from issues identified with netty#16275
chrisvest
added a commit
that referenced
this pull request
Feb 17, 2026
Motivation: Following the success of #16273 we should also have workflows for porting 4.2 -> 5.0, and 5.0 -> 4.2. Modification: Copy the 4.2 -> 4.1 porting workflow and make adjustments to port between 4.2 and 5.0. Result: More automated PR porting between our branches. Also fixes from issues identified with #16275
netty-project-bot
pushed a commit
that referenced
this pull request
Feb 17, 2026
Motivation: Following the success of #16273 we should also have workflows for porting 4.2 -> 5.0, and 5.0 -> 4.2. Modification: Copy the 4.2 -> 4.1 porting workflow and make adjustments to port between 4.2 and 5.0. Result: More automated PR porting between our branches. Also fixes from issues identified with #16275 (cherry picked from commit 6c611ec)
|
Could not create automatic backport PR. |
|
Could not create automatic backport PR. |
netty-project-bot
pushed a commit
that referenced
this pull request
Feb 17, 2026
Motivation: We often backport PRs from 4.2 to 4.1. Because these branches are very similar, cherry-picking often applies cleanly. Modification: Add a workflow that triggers when a is PRs merged into 4.2 with the `needs-cherry-pick-4.1` label, or when a merged PR is labelled with `needs-cherry-pick-4.1`. The workflow triggers on `pull_request_target` so that it runs in the context of the base branch, rather than the PR, which gives it access to repository secrets – this is safe because we're not running any code that's been added or modified by the PR in question. The workflow checks out the full git history, and tries to cherry-pick the merge commit onto `4.1` and create a pull-request. Finally, the workflow adds a comment to the original PR, linking the backport PR if the cherry-pick succeeded, or reporting failure if it didn't. The back port branch are pushed back to the netty/netty repository using the same SSH key we use to push release tags. Result: Easier to keep 4.1 up to date with bug fixes we do in 4.2. This PR attempts to fix the issues encountered with #16269 and #16271 (cherry picked from commit c0c2c27)
Contributor
|
Forward port PR for 5.0: #16285 |
chrisvest
added a commit
that referenced
this pull request
Feb 17, 2026
Backport of #16283 to 4.1 Cherry-picked commit: 6c611ec --- Motivation: Following the success of #16273 we should also have workflows for porting 4.2 -> 5.0, and 5.0 -> 4.2. Modification: Copy the 4.2 -> 4.1 porting workflow and make adjustments to port between 4.2 and 5.0. Result: More automated PR porting between our branches. Also fixes from issues identified with #16275 Co-authored-by: Chris Vest <christianvest_hansen@apple.com>
chrisvest
added a commit
that referenced
this pull request
Feb 17, 2026
) Forward port of #16273 to 5.0 Cherry-picked commit: c0c2c27 --- Motivation: We often backport PRs from 4.2 to 4.1. Because these branches are very similar, cherry-picking often applies cleanly. Modification: Add a workflow that triggers when a is PRs merged into 4.2 with the `needs-cherry-pick-4.1` label, or when a merged PR is labelled with `needs-cherry-pick-4.1`. The workflow triggers on `pull_request_target` so that it runs in the context of the base branch, rather than the PR, which gives it access to repository secrets – this is safe because we're not running any code that's been added or modified by the PR in question. The workflow checks out the full git history, and tries to cherry-pick the merge commit onto `4.1` and create a pull-request. Finally, the workflow adds a comment to the original PR, linking the backport PR if the cherry-pick succeeded, or reporting failure if it didn't. The back port branch are pushed back to the netty/netty repository using the same SSH key we use to push release tags. Result: Easier to keep 4.1 up to date with bug fixes we do in 4.2. This PR attempts to fix the issues encountered with #16269 and #16271 Co-authored-by: Chris Vest <christianvest_hansen@apple.com>
netty-project-bot
pushed a commit
that referenced
this pull request
Feb 17, 2026
Motivation: Following the success of #16273 we should also have workflows for porting 4.2 -> 5.0, and 5.0 -> 4.2. Modification: Copy the 4.2 -> 4.1 porting workflow and make adjustments to port between 4.2 and 5.0. Result: More automated PR porting between our branches. Also fixes from issues identified with #16275 (cherry picked from commit 6c611ec)
chrisvest
added a commit
that referenced
this pull request
Feb 17, 2026
Forward port of #16283 to 5.0 Cherry-picked commit: 6c611ec --- Motivation: Following the success of #16273 we should also have workflows for porting 4.2 -> 5.0, and 5.0 -> 4.2. Modification: Copy the 4.2 -> 4.1 porting workflow and make adjustments to port between 4.2 and 5.0. Result: More automated PR porting between our branches. Also fixes from issues identified with #16275 Co-authored-by: Chris Vest <christianvest_hansen@apple.com>
mergify bot
added a commit
to ArcadeData/arcadedb
that referenced
this pull request
Mar 29, 2026
…l [skip ci] Bumps [io.netty:netty-all](https://github.com/netty/netty) from 4.2.10.Final to 4.2.12.Final. Release notes *Sourced from [io.netty:netty-all's releases](https://github.com/netty/netty/releases).* > netty-4.2.12.Final > ------------------ > > What's Changed > -------------- > > * Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16550](https://redirect.github.com/netty/netty/pull/16550) > > **Full Changelog**: <netty/netty@netty-4.2.11.Final...netty-4.2.12.Final> > > netty-4.2.11.Final > ------------------ > > Security > -------- > > * CVE-2026-33871, [HTTP/2 CONTINUATION Frame Flood Denial of Service](GHSA-w9fj-cfpg-grvv) > * CVE-2026-33870, [HTTP Request Smuggling via Chunked Extension Quoted-String Parsing](GHSA-pwqr-wmgm-9rr8) > > What's Changed > -------------- > > * Update to latest JDK 26 EA release by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16230](https://redirect.github.com/netty/netty/pull/16230) > * HTTP3: Allow to support non-standard HTTP3 settings by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16171](https://redirect.github.com/netty/netty/pull/16171) > * Fix Incorrect nanos-to-millis conversion in epoll\_wait EINTR retry loop by [`@adwsingh`](https://github.com/adwsingh) in [netty/netty#16245](https://redirect.github.com/netty/netty/pull/16245) > * Allocate one large segment and slice for each MsgHdrMemory by [`@dreamlike-ocean`](https://github.com/dreamlike-ocean) in [netty/netty#16234](https://redirect.github.com/netty/netty/pull/16234) > * Make RefCntOpenSslContext.deallocate more robust by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16253](https://redirect.github.com/netty/netty/pull/16253) > * Epoll: Fix excessive CPU usage when Channel is only registered but no… by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16250](https://redirect.github.com/netty/netty/pull/16250) > * Update to gcc for arm 10.3-2021.07 by [`@m1ngyuan`](https://github.com/m1ngyuan) in [netty/netty#16255](https://redirect.github.com/netty/netty/pull/16255) > * Add acmeIdentifier extension support to pkitesting by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16256](https://redirect.github.com/netty/netty/pull/16256) > * Update JDK versions to latest patch releases by [`@m1ngyuan`](https://github.com/m1ngyuan) in [netty/netty#16254](https://redirect.github.com/netty/netty/pull/16254) > * Avoid allocation in HttpObjectEncoder.addEncodedLengthHex method by [`@doom369`](https://github.com/doom369) in [netty/netty#16241](https://redirect.github.com/netty/netty/pull/16241) > * Automatic backporting workflow from 4.1 to 4.2 by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16269](https://redirect.github.com/netty/netty/pull/16269) > * Revert "Automatic backporting workflow from 4.1 to 4.2" by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16270](https://redirect.github.com/netty/netty/pull/16270) > * HTTP2: Correctly account for padding when decompress by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16264](https://redirect.github.com/netty/netty/pull/16264) > * Automatic backporting workflow from 4.1 to 4.2 by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16271](https://redirect.github.com/netty/netty/pull/16271) > * Automatic backporting workflow from 4.1 to 4.2 by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16273](https://redirect.github.com/netty/netty/pull/16273) > * Backport PRs must be created with personal access tokens by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16276](https://redirect.github.com/netty/netty/pull/16276) > * Expose QuicSslContextBuilder::sni by [`@ZeroErrors`](https://github.com/ZeroErrors) in [netty/netty#16178](https://redirect.github.com/netty/netty/pull/16178) > * Add more porting workflows by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16275](https://redirect.github.com/netty/netty/pull/16275) > * Add more porting workflows by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16283](https://redirect.github.com/netty/netty/pull/16283) > * Remove the unpooled allocator from test permutations by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16282](https://redirect.github.com/netty/netty/pull/16282) > * Some polishing of the porting workflows by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16288](https://redirect.github.com/netty/netty/pull/16288) > * Allow to set destination connection id when creating a client side QuicheChannel by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16286](https://redirect.github.com/netty/netty/pull/16286) > * Update to latest JDK26 EA build by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16295](https://redirect.github.com/netty/netty/pull/16295) > * Add javadoc to clarify responsibility of the user when generating the remote connection id by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16293](https://redirect.github.com/netty/netty/pull/16293) > * Make the build run faster by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16290](https://redirect.github.com/netty/netty/pull/16290) > * Fix IDE warnings in SslHandler by [`@doom369`](https://github.com/doom369) in [netty/netty#16237](https://redirect.github.com/netty/netty/pull/16237) > * Decrease Long allocations and map.put calls in ReferenceCountedOpenSllEngine in handshake() method by [`@doom369`](https://github.com/doom369) in [netty/netty#16242](https://redirect.github.com/netty/netty/pull/16242) > * Support boringssl SSLCredential API by [`@jmcrawford45`](https://github.com/jmcrawford45) in [netty/netty#15919](https://redirect.github.com/netty/netty/pull/15919) > * Fix high-order bit aliasing in HttpUtil.validateToken by [`@furkanvarol`](https://github.com/furkanvarol) in [netty/netty#16279](https://redirect.github.com/netty/netty/pull/16279) > * Improve multi-byte access performance when UNALIGNED availability is unknown by [`@Songdoeon`](https://github.com/Songdoeon) in [netty/netty#16207](https://redirect.github.com/netty/netty/pull/16207) > * Avoid unnecessary SSL.getVersion() call and string allocation in ReferenceCountedOpenSslEngine by [`@doom369`](https://github.com/doom369) in [netty/netty#16278](https://redirect.github.com/netty/netty/pull/16278) > * Support more branch freedom for auto-porting by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16300](https://redirect.github.com/netty/netty/pull/16300) > * fix: the precedence of + is higher than >> by [`@cuiweixie`](https://github.com/cuiweixie) in [netty/netty#16312](https://redirect.github.com/netty/netty/pull/16312) > * AdaptiveByteBufAllocator: make sure byteBuf.capacity() not greater than byteBuf.maxCapacity() by [`@laosijikaichele`](https://github.com/laosijikaichele) in [netty/netty#16309](https://redirect.github.com/netty/netty/pull/16309) > * Fix flaky PooledByteBufAllocatorTest by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16313](https://redirect.github.com/netty/netty/pull/16313) > * Fix pooled arena accounting tests by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16321](https://redirect.github.com/netty/netty/pull/16321) ... (truncated) Commits * [`67ce541`](netty/netty@67ce541) [maven-release-plugin] prepare release netty-4.2.12.Final * [`7074624`](netty/netty@7074624) Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" ([#16](https://redirect.github.com/netty/netty/issues/16)... * [`c3b0a43`](netty/netty@c3b0a43) [maven-release-plugin] prepare for next development iteration * [`c94a818`](netty/netty@c94a818) [maven-release-plugin] prepare release netty-4.2.11.Final * [`3b76df1`](netty/netty@3b76df1) Merge commit from fork * [`aae944a`](netty/netty@aae944a) Auto-port 4.2: Limit the number of Continuation frames per HTTP2 Headers ([#16](https://redirect.github.com/netty/netty/issues/16)... * [`6001499`](netty/netty@6001499) Eliminate redundant bounds checks in CompositeByteBuf accessors ([#16525](https://redirect.github.com/netty/netty/issues/16525)) * [`a7fbb6f`](netty/netty@a7fbb6f) JdkZlibDecoder: accumulate decompressed output before firing channelRead ([#16](https://redirect.github.com/netty/netty/issues/16)... * [`7937553`](netty/netty@7937553) Enforce io.netty.maxDirectMemory accounting on all Java versions ([#16489](https://redirect.github.com/netty/netty/issues/16489)) * [`893ea2e`](netty/netty@893ea2e) Allocate less in QueryStringDecoder.addParam for typical use case ([#16527](https://redirect.github.com/netty/netty/issues/16527)) * Additional commits viewable in [compare view](netty/netty@netty-4.2.10.Final...netty-4.2.12.Final) [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
mergify bot
added a commit
to ArcadeData/arcadedb
that referenced
this pull request
Mar 29, 2026
…ip ci] Bumps `netty.version` from 4.2.10.Final to 4.2.12.Final. Updates `io.netty:netty-transport` from 4.2.10.Final to 4.2.12.Final Release notes *Sourced from [io.netty:netty-transport's releases](https://github.com/netty/netty/releases).* > netty-4.2.12.Final > ------------------ > > What's Changed > -------------- > > * Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16550](https://redirect.github.com/netty/netty/pull/16550) > > **Full Changelog**: <netty/netty@netty-4.2.11.Final...netty-4.2.12.Final> > > netty-4.2.11.Final > ------------------ > > Security > -------- > > * CVE-2026-33871, [HTTP/2 CONTINUATION Frame Flood Denial of Service](GHSA-w9fj-cfpg-grvv) > * CVE-2026-33870, [HTTP Request Smuggling via Chunked Extension Quoted-String Parsing](GHSA-pwqr-wmgm-9rr8) > > What's Changed > -------------- > > * Update to latest JDK 26 EA release by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16230](https://redirect.github.com/netty/netty/pull/16230) > * HTTP3: Allow to support non-standard HTTP3 settings by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16171](https://redirect.github.com/netty/netty/pull/16171) > * Fix Incorrect nanos-to-millis conversion in epoll\_wait EINTR retry loop by [`@adwsingh`](https://github.com/adwsingh) in [netty/netty#16245](https://redirect.github.com/netty/netty/pull/16245) > * Allocate one large segment and slice for each MsgHdrMemory by [`@dreamlike-ocean`](https://github.com/dreamlike-ocean) in [netty/netty#16234](https://redirect.github.com/netty/netty/pull/16234) > * Make RefCntOpenSslContext.deallocate more robust by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16253](https://redirect.github.com/netty/netty/pull/16253) > * Epoll: Fix excessive CPU usage when Channel is only registered but no… by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16250](https://redirect.github.com/netty/netty/pull/16250) > * Update to gcc for arm 10.3-2021.07 by [`@m1ngyuan`](https://github.com/m1ngyuan) in [netty/netty#16255](https://redirect.github.com/netty/netty/pull/16255) > * Add acmeIdentifier extension support to pkitesting by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16256](https://redirect.github.com/netty/netty/pull/16256) > * Update JDK versions to latest patch releases by [`@m1ngyuan`](https://github.com/m1ngyuan) in [netty/netty#16254](https://redirect.github.com/netty/netty/pull/16254) > * Avoid allocation in HttpObjectEncoder.addEncodedLengthHex method by [`@doom369`](https://github.com/doom369) in [netty/netty#16241](https://redirect.github.com/netty/netty/pull/16241) > * Automatic backporting workflow from 4.1 to 4.2 by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16269](https://redirect.github.com/netty/netty/pull/16269) > * Revert "Automatic backporting workflow from 4.1 to 4.2" by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16270](https://redirect.github.com/netty/netty/pull/16270) > * HTTP2: Correctly account for padding when decompress by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16264](https://redirect.github.com/netty/netty/pull/16264) > * Automatic backporting workflow from 4.1 to 4.2 by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16271](https://redirect.github.com/netty/netty/pull/16271) > * Automatic backporting workflow from 4.1 to 4.2 by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16273](https://redirect.github.com/netty/netty/pull/16273) > * Backport PRs must be created with personal access tokens by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16276](https://redirect.github.com/netty/netty/pull/16276) > * Expose QuicSslContextBuilder::sni by [`@ZeroErrors`](https://github.com/ZeroErrors) in [netty/netty#16178](https://redirect.github.com/netty/netty/pull/16178) > * Add more porting workflows by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16275](https://redirect.github.com/netty/netty/pull/16275) > * Add more porting workflows by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16283](https://redirect.github.com/netty/netty/pull/16283) > * Remove the unpooled allocator from test permutations by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16282](https://redirect.github.com/netty/netty/pull/16282) > * Some polishing of the porting workflows by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16288](https://redirect.github.com/netty/netty/pull/16288) > * Allow to set destination connection id when creating a client side QuicheChannel by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16286](https://redirect.github.com/netty/netty/pull/16286) > * Update to latest JDK26 EA build by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16295](https://redirect.github.com/netty/netty/pull/16295) > * Add javadoc to clarify responsibility of the user when generating the remote connection id by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16293](https://redirect.github.com/netty/netty/pull/16293) > * Make the build run faster by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16290](https://redirect.github.com/netty/netty/pull/16290) > * Fix IDE warnings in SslHandler by [`@doom369`](https://github.com/doom369) in [netty/netty#16237](https://redirect.github.com/netty/netty/pull/16237) > * Decrease Long allocations and map.put calls in ReferenceCountedOpenSllEngine in handshake() method by [`@doom369`](https://github.com/doom369) in [netty/netty#16242](https://redirect.github.com/netty/netty/pull/16242) > * Support boringssl SSLCredential API by [`@jmcrawford45`](https://github.com/jmcrawford45) in [netty/netty#15919](https://redirect.github.com/netty/netty/pull/15919) > * Fix high-order bit aliasing in HttpUtil.validateToken by [`@furkanvarol`](https://github.com/furkanvarol) in [netty/netty#16279](https://redirect.github.com/netty/netty/pull/16279) > * Improve multi-byte access performance when UNALIGNED availability is unknown by [`@Songdoeon`](https://github.com/Songdoeon) in [netty/netty#16207](https://redirect.github.com/netty/netty/pull/16207) > * Avoid unnecessary SSL.getVersion() call and string allocation in ReferenceCountedOpenSslEngine by [`@doom369`](https://github.com/doom369) in [netty/netty#16278](https://redirect.github.com/netty/netty/pull/16278) > * Support more branch freedom for auto-porting by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16300](https://redirect.github.com/netty/netty/pull/16300) > * fix: the precedence of + is higher than >> by [`@cuiweixie`](https://github.com/cuiweixie) in [netty/netty#16312](https://redirect.github.com/netty/netty/pull/16312) > * AdaptiveByteBufAllocator: make sure byteBuf.capacity() not greater than byteBuf.maxCapacity() by [`@laosijikaichele`](https://github.com/laosijikaichele) in [netty/netty#16309](https://redirect.github.com/netty/netty/pull/16309) > * Fix flaky PooledByteBufAllocatorTest by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16313](https://redirect.github.com/netty/netty/pull/16313) > * Fix pooled arena accounting tests by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16321](https://redirect.github.com/netty/netty/pull/16321) ... (truncated) Commits * [`67ce541`](netty/netty@67ce541) [maven-release-plugin] prepare release netty-4.2.12.Final * [`7074624`](netty/netty@7074624) Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" ([#16](https://redirect.github.com/netty/netty/issues/16)... * [`c3b0a43`](netty/netty@c3b0a43) [maven-release-plugin] prepare for next development iteration * [`c94a818`](netty/netty@c94a818) [maven-release-plugin] prepare release netty-4.2.11.Final * [`3b76df1`](netty/netty@3b76df1) Merge commit from fork * [`aae944a`](netty/netty@aae944a) Auto-port 4.2: Limit the number of Continuation frames per HTTP2 Headers ([#16](https://redirect.github.com/netty/netty/issues/16)... * [`6001499`](netty/netty@6001499) Eliminate redundant bounds checks in CompositeByteBuf accessors ([#16525](https://redirect.github.com/netty/netty/issues/16525)) * [`a7fbb6f`](netty/netty@a7fbb6f) JdkZlibDecoder: accumulate decompressed output before firing channelRead ([#16](https://redirect.github.com/netty/netty/issues/16)... * [`7937553`](netty/netty@7937553) Enforce io.netty.maxDirectMemory accounting on all Java versions ([#16489](https://redirect.github.com/netty/netty/issues/16489)) * [`893ea2e`](netty/netty@893ea2e) Allocate less in QueryStringDecoder.addParam for typical use case ([#16527](https://redirect.github.com/netty/netty/issues/16527)) * Additional commits viewable in [compare view](netty/netty@netty-4.2.10.Final...netty-4.2.12.Final) Updates `io.netty:netty-codec` from 4.2.10.Final to 4.2.12.Final Release notes *Sourced from [io.netty:netty-codec's releases](https://github.com/netty/netty/releases).* > netty-4.2.12.Final > ------------------ > > What's Changed > -------------- > > * Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16550](https://redirect.github.com/netty/netty/pull/16550) > > **Full Changelog**: <netty/netty@netty-4.2.11.Final...netty-4.2.12.Final> > > netty-4.2.11.Final > ------------------ > > Security > -------- > > * CVE-2026-33871, [HTTP/2 CONTINUATION Frame Flood Denial of Service](GHSA-w9fj-cfpg-grvv) > * CVE-2026-33870, [HTTP Request Smuggling via Chunked Extension Quoted-String Parsing](GHSA-pwqr-wmgm-9rr8) > > What's Changed > -------------- > > * Update to latest JDK 26 EA release by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16230](https://redirect.github.com/netty/netty/pull/16230) > * HTTP3: Allow to support non-standard HTTP3 settings by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16171](https://redirect.github.com/netty/netty/pull/16171) > * Fix Incorrect nanos-to-millis conversion in epoll\_wait EINTR retry loop by [`@adwsingh`](https://github.com/adwsingh) in [netty/netty#16245](https://redirect.github.com/netty/netty/pull/16245) > * Allocate one large segment and slice for each MsgHdrMemory by [`@dreamlike-ocean`](https://github.com/dreamlike-ocean) in [netty/netty#16234](https://redirect.github.com/netty/netty/pull/16234) > * Make RefCntOpenSslContext.deallocate more robust by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16253](https://redirect.github.com/netty/netty/pull/16253) > * Epoll: Fix excessive CPU usage when Channel is only registered but no… by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16250](https://redirect.github.com/netty/netty/pull/16250) > * Update to gcc for arm 10.3-2021.07 by [`@m1ngyuan`](https://github.com/m1ngyuan) in [netty/netty#16255](https://redirect.github.com/netty/netty/pull/16255) > * Add acmeIdentifier extension support to pkitesting by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16256](https://redirect.github.com/netty/netty/pull/16256) > * Update JDK versions to latest patch releases by [`@m1ngyuan`](https://github.com/m1ngyuan) in [netty/netty#16254](https://redirect.github.com/netty/netty/pull/16254) > * Avoid allocation in HttpObjectEncoder.addEncodedLengthHex method by [`@doom369`](https://github.com/doom369) in [netty/netty#16241](https://redirect.github.com/netty/netty/pull/16241) > * Automatic backporting workflow from 4.1 to 4.2 by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16269](https://redirect.github.com/netty/netty/pull/16269) > * Revert "Automatic backporting workflow from 4.1 to 4.2" by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16270](https://redirect.github.com/netty/netty/pull/16270) > * HTTP2: Correctly account for padding when decompress by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16264](https://redirect.github.com/netty/netty/pull/16264) > * Automatic backporting workflow from 4.1 to 4.2 by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16271](https://redirect.github.com/netty/netty/pull/16271) > * Automatic backporting workflow from 4.1 to 4.2 by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16273](https://redirect.github.com/netty/netty/pull/16273) > * Backport PRs must be created with personal access tokens by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16276](https://redirect.github.com/netty/netty/pull/16276) > * Expose QuicSslContextBuilder::sni by [`@ZeroErrors`](https://github.com/ZeroErrors) in [netty/netty#16178](https://redirect.github.com/netty/netty/pull/16178) > * Add more porting workflows by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16275](https://redirect.github.com/netty/netty/pull/16275) > * Add more porting workflows by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16283](https://redirect.github.com/netty/netty/pull/16283) > * Remove the unpooled allocator from test permutations by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16282](https://redirect.github.com/netty/netty/pull/16282) > * Some polishing of the porting workflows by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16288](https://redirect.github.com/netty/netty/pull/16288) > * Allow to set destination connection id when creating a client side QuicheChannel by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16286](https://redirect.github.com/netty/netty/pull/16286) > * Update to latest JDK26 EA build by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16295](https://redirect.github.com/netty/netty/pull/16295) > * Add javadoc to clarify responsibility of the user when generating the remote connection id by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16293](https://redirect.github.com/netty/netty/pull/16293) > * Make the build run faster by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16290](https://redirect.github.com/netty/netty/pull/16290) > * Fix IDE warnings in SslHandler by [`@doom369`](https://github.com/doom369) in [netty/netty#16237](https://redirect.github.com/netty/netty/pull/16237) > * Decrease Long allocations and map.put calls in ReferenceCountedOpenSllEngine in handshake() method by [`@doom369`](https://github.com/doom369) in [netty/netty#16242](https://redirect.github.com/netty/netty/pull/16242) > * Support boringssl SSLCredential API by [`@jmcrawford45`](https://github.com/jmcrawford45) in [netty/netty#15919](https://redirect.github.com/netty/netty/pull/15919) > * Fix high-order bit aliasing in HttpUtil.validateToken by [`@furkanvarol`](https://github.com/furkanvarol) in [netty/netty#16279](https://redirect.github.com/netty/netty/pull/16279) > * Improve multi-byte access performance when UNALIGNED availability is unknown by [`@Songdoeon`](https://github.com/Songdoeon) in [netty/netty#16207](https://redirect.github.com/netty/netty/pull/16207) > * Avoid unnecessary SSL.getVersion() call and string allocation in ReferenceCountedOpenSslEngine by [`@doom369`](https://github.com/doom369) in [netty/netty#16278](https://redirect.github.com/netty/netty/pull/16278) > * Support more branch freedom for auto-porting by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16300](https://redirect.github.com/netty/netty/pull/16300) > * fix: the precedence of + is higher than >> by [`@cuiweixie`](https://github.com/cuiweixie) in [netty/netty#16312](https://redirect.github.com/netty/netty/pull/16312) > * AdaptiveByteBufAllocator: make sure byteBuf.capacity() not greater than byteBuf.maxCapacity() by [`@laosijikaichele`](https://github.com/laosijikaichele) in [netty/netty#16309](https://redirect.github.com/netty/netty/pull/16309) > * Fix flaky PooledByteBufAllocatorTest by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16313](https://redirect.github.com/netty/netty/pull/16313) > * Fix pooled arena accounting tests by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16321](https://redirect.github.com/netty/netty/pull/16321) ... (truncated) Commits * [`67ce541`](netty/netty@67ce541) [maven-release-plugin] prepare release netty-4.2.12.Final * [`7074624`](netty/netty@7074624) Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" ([#16](https://redirect.github.com/netty/netty/issues/16)... * [`c3b0a43`](netty/netty@c3b0a43) [maven-release-plugin] prepare for next development iteration * [`c94a818`](netty/netty@c94a818) [maven-release-plugin] prepare release netty-4.2.11.Final * [`3b76df1`](netty/netty@3b76df1) Merge commit from fork * [`aae944a`](netty/netty@aae944a) Auto-port 4.2: Limit the number of Continuation frames per HTTP2 Headers ([#16](https://redirect.github.com/netty/netty/issues/16)... * [`6001499`](netty/netty@6001499) Eliminate redundant bounds checks in CompositeByteBuf accessors ([#16525](https://redirect.github.com/netty/netty/issues/16525)) * [`a7fbb6f`](netty/netty@a7fbb6f) JdkZlibDecoder: accumulate decompressed output before firing channelRead ([#16](https://redirect.github.com/netty/netty/issues/16)... * [`7937553`](netty/netty@7937553) Enforce io.netty.maxDirectMemory accounting on all Java versions ([#16489](https://redirect.github.com/netty/netty/issues/16489)) * [`893ea2e`](netty/netty@893ea2e) Allocate less in QueryStringDecoder.addParam for typical use case ([#16527](https://redirect.github.com/netty/netty/issues/16527)) * Additional commits viewable in [compare view](netty/netty@netty-4.2.10.Final...netty-4.2.12.Final) Updates `io.netty:netty-handler` from 4.2.10.Final to 4.2.12.Final Release notes *Sourced from [io.netty:netty-handler's releases](https://github.com/netty/netty/releases).* > netty-4.2.12.Final > ------------------ > > What's Changed > -------------- > > * Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16550](https://redirect.github.com/netty/netty/pull/16550) > > **Full Changelog**: <netty/netty@netty-4.2.11.Final...netty-4.2.12.Final> > > netty-4.2.11.Final > ------------------ > > Security > -------- > > * CVE-2026-33871, [HTTP/2 CONTINUATION Frame Flood Denial of Service](GHSA-w9fj-cfpg-grvv) > * CVE-2026-33870, [HTTP Request Smuggling via Chunked Extension Quoted-String Parsing](GHSA-pwqr-wmgm-9rr8) > > What's Changed > -------------- > > * Update to latest JDK 26 EA release by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16230](https://redirect.github.com/netty/netty/pull/16230) > * HTTP3: Allow to support non-standard HTTP3 settings by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16171](https://redirect.github.com/netty/netty/pull/16171) > * Fix Incorrect nanos-to-millis conversion in epoll\_wait EINTR retry loop by [`@adwsingh`](https://github.com/adwsingh) in [netty/netty#16245](https://redirect.github.com/netty/netty/pull/16245) > * Allocate one large segment and slice for each MsgHdrMemory by [`@dreamlike-ocean`](https://github.com/dreamlike-ocean) in [netty/netty#16234](https://redirect.github.com/netty/netty/pull/16234) > * Make RefCntOpenSslContext.deallocate more robust by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16253](https://redirect.github.com/netty/netty/pull/16253) > * Epoll: Fix excessive CPU usage when Channel is only registered but no… by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16250](https://redirect.github.com/netty/netty/pull/16250) > * Update to gcc for arm 10.3-2021.07 by [`@m1ngyuan`](https://github.com/m1ngyuan) in [netty/netty#16255](https://redirect.github.com/netty/netty/pull/16255) > * Add acmeIdentifier extension support to pkitesting by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16256](https://redirect.github.com/netty/netty/pull/16256) > * Update JDK versions to latest patch releases by [`@m1ngyuan`](https://github.com/m1ngyuan) in [netty/netty#16254](https://redirect.github.com/netty/netty/pull/16254) > * Avoid allocation in HttpObjectEncoder.addEncodedLengthHex method by [`@doom369`](https://github.com/doom369) in [netty/netty#16241](https://redirect.github.com/netty/netty/pull/16241) > * Automatic backporting workflow from 4.1 to 4.2 by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16269](https://redirect.github.com/netty/netty/pull/16269) > * Revert "Automatic backporting workflow from 4.1 to 4.2" by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16270](https://redirect.github.com/netty/netty/pull/16270) > * HTTP2: Correctly account for padding when decompress by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16264](https://redirect.github.com/netty/netty/pull/16264) > * Automatic backporting workflow from 4.1 to 4.2 by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16271](https://redirect.github.com/netty/netty/pull/16271) > * Automatic backporting workflow from 4.1 to 4.2 by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16273](https://redirect.github.com/netty/netty/pull/16273) > * Backport PRs must be created with personal access tokens by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16276](https://redirect.github.com/netty/netty/pull/16276) > * Expose QuicSslContextBuilder::sni by [`@ZeroErrors`](https://github.com/ZeroErrors) in [netty/netty#16178](https://redirect.github.com/netty/netty/pull/16178) > * Add more porting workflows by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16275](https://redirect.github.com/netty/netty/pull/16275) > * Add more porting workflows by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16283](https://redirect.github.com/netty/netty/pull/16283) > * Remove the unpooled allocator from test permutations by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16282](https://redirect.github.com/netty/netty/pull/16282) > * Some polishing of the porting workflows by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16288](https://redirect.github.com/netty/netty/pull/16288) > * Allow to set destination connection id when creating a client side QuicheChannel by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16286](https://redirect.github.com/netty/netty/pull/16286) > * Update to latest JDK26 EA build by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16295](https://redirect.github.com/netty/netty/pull/16295) > * Add javadoc to clarify responsibility of the user when generating the remote connection id by [`@normanmaurer`](https://github.com/normanmaurer) in [netty/netty#16293](https://redirect.github.com/netty/netty/pull/16293) > * Make the build run faster by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16290](https://redirect.github.com/netty/netty/pull/16290) > * Fix IDE warnings in SslHandler by [`@doom369`](https://github.com/doom369) in [netty/netty#16237](https://redirect.github.com/netty/netty/pull/16237) > * Decrease Long allocations and map.put calls in ReferenceCountedOpenSllEngine in handshake() method by [`@doom369`](https://github.com/doom369) in [netty/netty#16242](https://redirect.github.com/netty/netty/pull/16242) > * Support boringssl SSLCredential API by [`@jmcrawford45`](https://github.com/jmcrawford45) in [netty/netty#15919](https://redirect.github.com/netty/netty/pull/15919) > * Fix high-order bit aliasing in HttpUtil.validateToken by [`@furkanvarol`](https://github.com/furkanvarol) in [netty/netty#16279](https://redirect.github.com/netty/netty/pull/16279) > * Improve multi-byte access performance when UNALIGNED availability is unknown by [`@Songdoeon`](https://github.com/Songdoeon) in [netty/netty#16207](https://redirect.github.com/netty/netty/pull/16207) > * Avoid unnecessary SSL.getVersion() call and string allocation in ReferenceCountedOpenSslEngine by [`@doom369`](https://github.com/doom369) in [netty/netty#16278](https://redirect.github.com/netty/netty/pull/16278) > * Support more branch freedom for auto-porting by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16300](https://redirect.github.com/netty/netty/pull/16300) > * fix: the precedence of + is higher than >> by [`@cuiweixie`](https://github.com/cuiweixie) in [netty/netty#16312](https://redirect.github.com/netty/netty/pull/16312) > * AdaptiveByteBufAllocator: make sure byteBuf.capacity() not greater than byteBuf.maxCapacity() by [`@laosijikaichele`](https://github.com/laosijikaichele) in [netty/netty#16309](https://redirect.github.com/netty/netty/pull/16309) > * Fix flaky PooledByteBufAllocatorTest by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16313](https://redirect.github.com/netty/netty/pull/16313) > * Fix pooled arena accounting tests by [`@chrisvest`](https://github.com/chrisvest) in [netty/netty#16321](https://redirect.github.com/netty/netty/pull/16321) ... (truncated) Commits * [`67ce541`](netty/netty@67ce541) [maven-release-plugin] prepare release netty-4.2.12.Final * [`7074624`](netty/netty@7074624) Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" ([#16](https://redirect.github.com/netty/netty/issues/16)... * [`c3b0a43`](netty/netty@c3b0a43) [maven-release-plugin] prepare for next development iteration * [`c94a818`](netty/netty@c94a818) [maven-release-plugin] prepare release netty-4.2.11.Final * [`3b76df1`](netty/netty@3b76df1) Merge commit from fork * [`aae944a`](netty/netty@aae944a) Auto-port 4.2: Limit the number of Continuation frames per HTTP2 Headers ([#16](https://redirect.github.com/netty/netty/issues/16)... * [`6001499`](netty/netty@6001499) Eliminate redundant bounds checks in CompositeByteBuf accessors ([#16525](https://redirect.github.com/netty/netty/issues/16525)) * [`a7fbb6f`](netty/netty@a7fbb6f) JdkZlibDecoder: accumulate decompressed output before firing channelRead ([#16](https://redirect.github.com/netty/netty/issues/16)... * [`7937553`](netty/netty@7937553) Enforce io.netty.maxDirectMemory accounting on all Java versions ([#16489](https://redirect.github.com/netty/netty/issues/16489)) * [`893ea2e`](netty/netty@893ea2e) Allocate less in QueryStringDecoder.addParam for typical use case ([#16527](https://redirect.github.com/netty/netty/issues/16527)) * Additional commits viewable in [compare view](netty/netty@netty-4.2.10.Final...netty-4.2.12.Final) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation:
We often backport PRs from 4.2 to 4.1.
Because these branches are very similar, cherry-picking often applies cleanly.
Modification:
Add a workflow that triggers when a is PRs merged into 4.2 with the
needs-cherry-pick-4.1label, or when a merged PR is labelled withneeds-cherry-pick-4.1.The workflow triggers on
pull_request_targetso that it runs in the context of the base branch, rather than the PR, which gives it access to repository secrets – this is safe because we're not running any code that's been added or modified by the PR in question.The workflow checks out the full git history, and tries to cherry-pick the merge commit onto
4.1and create a pull-request. Finally, the workflow adds a comment to the original PR, linking the backport PR if the cherry-pick succeeded, or reporting failure if it didn't.The back port branch are pushed back to the netty/netty repository using the same SSH key we use to push release tags.
Result:
Easier to keep 4.1 up to date with bug fixes we do in 4.2.
This PR attempts to fix the issues encountered with #16269 and #16271