Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency org.postgresql:postgresql to v42.6.0 #469

Merged
merged 1 commit into from Nov 2, 2023
Merged

Update dependency org.postgresql:postgresql to v42.6.0 #469

merged 1 commit into from Nov 2, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 31, 2023

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.postgresql:postgresql (source) 42.3.4 -> 42.6.0 age adoption passing confidence

Release Notes

pgjdbc/pgjdbc (org.postgresql:postgresql)

v42.6.0

Changed

fix: use PhantomReferences instead of Obejct.finalize() to track Connection leaks PR #​2847

The change replaces all uses of Object.finalize with PhantomReferences.
The leaked resources (Connections) are tracked in a helper thread that is active as long as
there are connections in use. By default, the thread keeps running for 30 seconds after all
the connections are released. The timeout is set with pgjdbc.config.cleanup.thread.ttl system property.

refactor:(loom) replace the usages of synchronized with ReentrantLock PR #​2635
Fixes Issue #​1951

v42.5.4

Fixed

fix: fix testGetSQLTypeQueryCache by searching for xid type. We used to search for box type but it is now cached. xid is not cached, this nuance is required for the test.
fix OidValueCorrectnessTest BOX_ARRAY OID, by adding BOX_ARRAY to the oidTypeName map [PR #​2810](https://github.com/pgjdbc/pgjdbc/pull/28100).
fixes Issue #​2804.
fix: Make sure that github CI runs tests on all(https://togithub.com/pgjdbc/pgjdbc/pull/2809)dbc/pgjdbc/pull/2809\)).

v42.5.3

Fixed

fix: Add box to TypeInfoCache, fixes Issue #​2746 PR #​2747
fix: regression in PgResultSet LONG_MIN copy and paste error fixes Issue #​2748 PR#2749

v42.5.2

Changed

regression: This release has 2 known regressions which make it unusable see the notes above. We advise people to use 42.5.3 instead.
docs: specify that timeouts are in seconds and there is a maximum. Housekeeping on some tests fixes #Issue 2671 PR #​2686
docs: clarify binaryTransfer and add it to README PR# 2698
docs: Document the need to encode reserved characters in the connection URL PR #​2700
feat: Define binary transfer for custom types dynamically/automatically fixes Issue #​2554 PR #​2556

Added

fix: added gssResponseTimeout as part of PR #​2687 to make sure we don't wait forever on a GSS RESPONSE

Fixed

fix: Ensure case of XML tags in Maven snippet is correct PR #​2682
fix: Make sure socket is closed if an exception is thrown in createSocket fixes Issue #​2684 PR #​2685
fix: Apply patch from Issue #​2683 to fix hanging ssl connections PR #​2687
fix - binary conversion of (very) long numeric values (longer than 4 * 2^15 digits) PR #​2697 fixes Issue #​2695
minor: enhance readability connection of startup params PR #​2705

v42.5.1

Security
  • security: StreamWrapper spills to disk if setText, or setBytea sends very large Strings or arrays to the server. createTempFile creates a file which can be read by other users on unix like systems (Not macos).
    This has been fixed in this version fixes CVE-2022-41946 see the security advisory for more details. Reported by Jonathan Leitschuh This has been fixed in versions 42.5.1, 42.4.3 42.3.8, 42.2.27.jre7. Note there is no fix for 42.2.26.jre6. See the security advisory for work arounds.
Fixed
  • fix: make sure we select array_in from pg_catalog to avoid duplicate array_in functions fixes #Issue 2548 PR #​2552
  • fix: binary decoding of bool values PR #​2640
  • perf: improve performance of PgResultSet getByte/getShort/getInt/getLong for float-typed columns PR #​2634
  • chore: fix various spelling errors PR #​2592
  • chore: Feature/urlparser improve URLParser PR #​2641

v42.5.0

Changed

v42.4.2

Changed
Added
Fixed
  • fix: regression with GSS. Changes introduced to support building with Java 17 caused failures Issue #​2588
  • fix: set a timeout to get the return from requesting SSL upgrade. PR #​2572
  • feat: synchronize statement executions (e.g. avoid deadlock when Connection.isValid is executed from concurrent threads)

v42.4.1

Security
  • fix: CVE-2022-31197 Fixes SQL generated in PgResultSet.refresh() to escape column identifiers so as to prevent SQL injection.
    • Previously, the column names for both key and data columns in the table were copied as-is into the generated
      SQL. This allowed a malicious table with column names that include statement terminator to be parsed and
      executed as multiple separate commands.
    • Also adds a new test class ResultSetRefreshTest to verify this change.
    • Reported by Sho Kato
Changed
  • chore: skip publishing pgjdbc-osgi-test to Central
  • chore: bump Gradle to 7.5
  • test: update JUnit to 5.8.2
Added
  • chore: added Gradle Wrapper Validation for verifying gradle-wrapper.jar
  • chore: added "permissions: contents: read" for GitHub Actions to avoid unintentional modifications by the CI
  • chore: support building pgjdbc with Java 17
  • feat: synchronize statement executions (e.g. avoid deadlock when Connection.isValid is executed from concurrent threads)

v42.4.0

Changed
  • fix: added GROUP_STARTUP_PARAMETERS boolean property to determine whether or not to group
    startup parameters in a transaction (default=false like 42.2.x) fixes Issue #​2425
    pgbouncer cannot deal with transactions in statement pooling mode PR #​2425
Fixed
  • fix: queries with up to 65535 (inclusive) parameters are supported now (previous limit was 32767)
    PR #​2525, Issue #​1311
  • fix: workaround JarIndex parsing issue by using groupId/artifactId-version directory namings.
    Regression since 42.2.13. PR #​2531, issue #​2527
  • fix: use Locale.ROOT for toUpperCase() toLowerCase() calls
  • doc: add Vladimir Sitnikov's PGP key
  • fix: return correct base type for domain from getUDTs PR #​2520 Issue #​2522
  • perf: utcTz static and renamed to UTC_TIMEZONE PR #​2519
  • doc: fix release version for #​2377 (it should be 42.3.6, not 42.3.5)

v42.3.6

Changed
Added
Fixed
  • fix: close refcursors when underlying cursor==null instead of relying on defaultRowFetchSize PR #​2377

v42.3.5

Changed
  • test: polish TimestampUtilsTest
  • chore: use GitHub Action concurrency feature to terminate CI jobs on fast PR pushes
Added
  • Added KEYS file to allow for verifying artifacts PR 2499
Fixed
  • perf: enable tcpNoDelay by default PR 2495.
    This is a regression from 42.2.x versions where tcpNoDelay defaulted to true
  • docs: fix readme.md after PR 2495 PR 2496
  • feat: targetServerType=preferPrimary connection parameter PR 2483
  • fix: revert removal of toOffsetDateTime(String timestamp) fixes Issue #​2497 PR 2501

Configuration

📅 Schedule: Branch creation - "after 7am and before 11am every weekday" in timezone Europe/London, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@hmcts-jenkins-a-to-c hmcts-jenkins-a-to-c bot requested a deployment to preview October 31, 2023 10:51 Abandoned
@renovate renovate bot force-pushed the renovate/org.postgresql-postgresql-42.x branch from 337d81e to 1bc6aee Compare November 2, 2023 10:36
@renovate renovate bot force-pushed the renovate/org.postgresql-postgresql-42.x branch 2 times, most recently from 3767a7e to 8a084a3 Compare November 2, 2023 11:53
@renovate renovate bot force-pushed the renovate/org.postgresql-postgresql-42.x branch 2 times, most recently from c8d3597 to e75f9d9 Compare November 2, 2023 12:24
@renovate renovate bot force-pushed the renovate/org.postgresql-postgresql-42.x branch from e75f9d9 to de328b7 Compare November 2, 2023 14:07
@renovate renovate bot merged commit b56f1c6 into master Nov 2, 2023
5 checks passed
@renovate renovate bot deleted the renovate/org.postgresql-postgresql-42.x branch November 2, 2023 14:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@renovate-approve renovate-approve[bot] renovate-approve approved these changes

@renovate-approve-2 renovate-approve-2[bot] renovate-approve-2 approved these changes

Assignees
No one assigned
Labels
dependencies ns:fees-pay prd:ccpay
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants