Skip to content

Bump the maven group across 1 directory with 6 updates #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the maven group across 1 directory with 6 updates #1

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Oct 1, 2025

Bumps the maven group with 6 updates in the / directory:

Package From To
org.scala-lang:scala-compiler 2.11.8 2.11.12
org.apache.spark:spark-core_2.11 2.0.0 2.4.8.7.2.17.0-334
org.apache.hadoop:hadoop-common 2.6.0 3.4.0
commons-collections:commons-collections 3.1 3.2.2
com.h2database:h2 1.4.189 2.2.220
junit:junit 4.8.1 4.13.1

Updates org.scala-lang:scala-compiler from 2.11.8 to 2.11.12

Release notes

Sourced from org.scala-lang:scala-compiler's releases.

Scala 2.11.12 is a maintenance release to allow running Scala 2.11 tooling on Java 9. Five pending backports were merged.

This release addresses (#6108) a privilege escalation vulnerability that was identified in the Scala compilation daemon CVE-2017-15288.

We strongly encourage you to upgrade to the latest stable version of Scala 2.12.x, as the 2.11.x series is no longer actively maintained.

There is a known bug on Java 9 involving the repl: the workaround is to launch it as scala -nobootcp.

More general information about the Scala 2.11 series is available in the release notes for Scala 2.11.1.

Thanks to Lightbend for their continued sponsorship of the Scala core team’s efforts. Lightbend offers commercial support for Scala.

Scala 2.11.11: all the way to eleven!

The 2.11.11 release concludes the 2.11.x series, with no further releases planned. Please consider upgrading to 2.12!

Do not use 2.11.9 or 2.11.10, which introduced significant regressions (see below). This also means this series goes to eleven. (No further, though.)

Changes

Significant changes since 2.11.8 include:

  • #5730, #5846 Allow custom apply and unapply methods in case class companions. Also allows case class constructors and apply methods to be private. (In 2.11.11, -Xsource:2.12 is needed to enable these changes. In Scala 2.12.2, they are on by default.)
  • #5343 Add support for higher order unification under -Ypartial-unification (SI-2712)
  • #5341 Fix for higher-kinded GADT refinement
  • #5061 JMH-based benchmark framework for contributors
  • #5026 Upgrade to newer scala-xml (1.0.5)

2.11.11 resolves regressions introduced in 2.11.9 and 2.11.10: #5730 (fixed by #5828 and #5846), #5664 (fixed by #5821). Special thanks to @​xuwei-k and @​sjrd for reporting and helping diagnose these.

For more information, check out all closed bugs and merged PRs.

As usual for minor releases, Scala 2.11.11 is binary compatible with the whole Scala 2.11 series (with the exception of 2.11.9, which should not be used to publish artifacts, see #5821).

To share your feedback on this release, please use our new GitHub-based bug tracker and Discourse-based contributors forum.

Contributors

A big thank you to everyone who's helped improve Scala by reporting bugs, improving our documentation, spreading kindness in discussions around Scala, and submitting and reviewing pull requests! You are all magnificent.

This release was brought to you by 33 contributors, according to git shortlog -sn --no-merges v2.11.8..v2.11.11. Thank you Adriaan Moors, A. P. Marki, Jason Zaugg, Seth Tisue, Lukas Rytz, Performant Data LLC, Stefan Zeiger, Pap Lőrinc, Iulian Dragos, Rory Graves, Miles Sabin, Martijn Hoekstra, Mike Skells, Sébastien Doeraene, Dale Wijnand, Raphael Jolly, ptrcarta, Łukasz Gieroń, Carsten Varming, CodingTwinky, Jasper-M, Johannes Rudolph, Krzysztof Romanowski, Martynas Mickevičius, Masaru Nomura, Nicolas Stucki, Oscar Boykin, Paul Kernfeld, Philippus Baalman, Tobias Schlatter, Viktor Klang, af, and jvican!

Scala 2.11 Notes

The release notes for Scala 2.11.0 have important information applicable to the whole 2.11 series.

Obtaining Scala

Scala releases are available through a variety of channels, including (but not limited to):

... (truncated)

Commits
  • b8155a5 Merge pull request #6151 from retronym/merge/2.10.x-to-2.11.x-20171027
  • 517d170 Delay check for Object.class
  • eb6a6fd Adapt to the removal of sun.boot.class.path
  • 5e0cea9 Merge branch 'backport/reflection' into merge/2.10.x-to-2.11.x-20171027
  • 7e398ad Fixup run/t8852a after merging check that target=1.8 for static interface calls
  • b4f1a48 Fixup run/classfile-format-51.scala after merging asm upgrade
  • 4b84876 Move ASM sources back to the original location
  • 02f7977 SI-9833 Fix -nobootcp in the Unix scala script
  • 88a562a Merge commit '7e1a4b94ad' into merge/2.10.x-to-2.11.x-20171027
  • 07e2659 Merge commit 'c3d8750f4d' into merge/2.10.x-to-2.11.x-20171027
  • Additional commits viewable in compare view

Updates org.apache.spark:spark-core_2.11 from 2.0.0 to 2.4.8.7.2.17.0-334

Updates org.apache.hadoop:hadoop-common from 2.6.0 to 3.4.0

Updates commons-collections:commons-collections from 3.1 to 3.2.2

Updates com.h2database:h2 from 1.4.189 to 2.2.220

Release notes

Sourced from com.h2database:h2's releases.

Version 2.2.220

Changes since 2.1.214 release:

... (truncated)

Commits

Updates junit:junit from 4.8.1 to 4.13.1

Release notes

Sourced from junit:junit's releases.

JUnit 4.13.1

Please refer to the release notes for details.

JUnit 4.13

Please refer to the release notes for details.

JUnit 4.13 RC 2

Please refer to the release notes for details.

JUnit 4.13 RC 1

Please refer to the release notes for details.

JUnit 4.13 Beta 3

Please refer to the release notes for details.

JUnit 4.13 Beta 2

Please refer to the release notes for details.

JUnit 4.13 Beta 1

Please refer to the release notes for details.

JUnit 4.12

Please refer to the release notes for details.

JUnit 4.12 Beta 3

Please refer to the release notes for details.

JUnit 4.12 Beta 2

No release notes provided.

JUnit 4.12 Beta 1

No release notes provided.

JUnit 4.11

No release notes provided.

Changelog

Sourced from junit:junit's changelog.

Summary of changes in version 4.13.1

Rules

Security fix: TemporaryFolder now limits access to temporary folders on Java 1.7 or later

A local information disclosure vulnerability in TemporaryFolder has been fixed. See the published security advisory for details.

Test Runners

[Pull request #1669:](junit-team/junit#1669) Make FrameworkField constructor public

Prior to this change, custom runners could make FrameworkMethod instances, but not FrameworkField instances. This small change allows for both now, because FrameworkField's constructor has been promoted from package-private to public.

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the maven group across 1 directory with 6 updates
cb50197 
Bumps the maven group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [org.scala-lang:scala-compiler](https://github.com/scala/scala) | `2.11.8` | `2.11.12` |
| org.apache.spark:spark-core_2.11 | `2.0.0` | `2.4.8.7.2.17.0-334` |
| org.apache.hadoop:hadoop-common | `2.6.0` | `3.4.0` |
| commons-collections:commons-collections | `3.1` | `3.2.2` |
| [com.h2database:h2](https://github.com/h2database/h2database) | `1.4.189` | `2.2.220` |
| [junit:junit](https://github.com/junit-team/junit4) | `4.8.1` | `4.13.1` |



Updates `org.scala-lang:scala-compiler` from 2.11.8 to 2.11.12
- [Release notes](https://github.com/scala/scala/releases)
- [Commits](scala/scala@v2.11.8...v2.11.12)

Updates `org.apache.spark:spark-core_2.11` from 2.0.0 to 2.4.8.7.2.17.0-334

Updates `org.apache.hadoop:hadoop-common` from 2.6.0 to 3.4.0

Updates `commons-collections:commons-collections` from 3.1 to 3.2.2

Updates `com.h2database:h2` from 1.4.189 to 2.2.220
- [Release notes](https://github.com/h2database/h2database/releases)
- [Commits](https://github.com/h2database/h2database/commits/version-2.2.220)

Updates `junit:junit` from 4.8.1 to 4.13.1
- [Release notes](https://github.com/junit-team/junit4/releases)
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.1.md)
- [Commits](junit-team/junit4@r4.8.1...r4.13.1)

---
updated-dependencies:
- dependency-name: org.scala-lang:scala-compiler
  dependency-version: 2.11.12
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: org.apache.spark:spark-core_2.11
  dependency-version: 2.4.8.7.2.17.0-334
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: org.apache.hadoop:hadoop-common
  dependency-version: 3.4.0
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: commons-collections:commons-collections
  dependency-version: 3.2.2
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: com.h2database:h2
  dependency-version: 2.2.220
  dependency-type: direct:production
  dependency-group: maven
- dependency-name: junit:junit
  dependency-version: 4.13.1
  dependency-type: direct:development
  dependency-group: maven
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Oct 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant