Keep dependencies up-to-date (#879)

* Test dependabot for upgrading dependencies automatically * Add required field version in the configuration file * Bump aws-java-sdk.version from 1.12.3 to 1.12.125 Bumps `aws-java-sdk.version` from 1.12.3 to 1.12.125. Updates `aws-java-sdk-core` from 1.12.3 to 1.12.125 - [Release notes](https://github.com/aws/aws-sdk-java/releases) - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.3...1.12.125) Updates `aws-java-sdk-sts` from 1.12.3 to 1.12.125 - [Release notes](https://github.com/aws/aws-sdk-java/releases) - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.3...1.12.125) --- updated-dependencies: - dependency-name: com.amazonaws:aws-java-sdk-core dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.amazonaws:aws-java-sdk-sts dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump gsr.version from 1.1.5 to 1.1.8 Bumps `gsr.version` from 1.1.5 to 1.1.8. Updates `schema-registry-serde` from 1.1.5 to 1.1.8 - [Release notes](https://github.com/awslabs/aws-glue-schema-registry/releases) - [Changelog](https://github.com/awslabs/aws-glue-schema-registry/blob/master/CHANGELOG.md) - [Commits](https://github.com/awslabs/aws-glue-schema-registry/compare/v1.1.5...v1.1.8) Updates `schema-registry-common` from 1.1.5 to 1.1.8 - [Release notes](https://github.com/awslabs/aws-glue-schema-registry/releases) - [Changelog](https://github.com/awslabs/aws-glue-schema-registry/blob/master/CHANGELOG.md) - [Commits](https://github.com/awslabs/aws-glue-schema-registry/compare/v1.1.5...v1.1.8) --- updated-dependencies: - dependency-name: software.amazon.glue:schema-registry-serde dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.glue:schema-registry-common dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven-source-plugin from 3.0.1 to 3.2.1 Bumps [maven-source-plugin](https://github.com/apache/maven-source-plugin) from 3.0.1 to 3.2.1. - [Release notes](https://github.com/apache/maven-source-plugin/releases) - [Commits](https://github.com/apache/maven-source-plugin/compare/maven-source-plugin-3.0.1...maven-source-plugin-3.2.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-source-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump lombok from 1.16.20 to 1.18.22 Bumps [lombok](https://github.com/projectlombok/lombok) from 1.16.20 to 1.18.22. - [Release notes](https://github.com/projectlombok/lombok/releases) - [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown) - [Commits](https://github.com/projectlombok/lombok/compare/v1.16.20...v1.18.22) --- updated-dependencies: - dependency-name: org.projectlombok:lombok dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven-javadoc-plugin from 2.10.3 to 3.3.1 Bumps [maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 2.10.3 to 3.3.1. - [Release notes](https://github.com/apache/maven-javadoc-plugin/releases) - [Commits](https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-2.10.3...maven-javadoc-plugin-3.3.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-javadoc-plugin dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump rxjava from 2.1.14 to 2.2.21 Bumps [rxjava](https://github.com/ReactiveX/RxJava) from 2.1.14 to 2.2.21. - [Release notes](https://github.com/ReactiveX/RxJava/releases) - [Changelog](https://github.com/ReactiveX/RxJava/blob/v2.2.21/CHANGES.md) - [Commits](https://github.com/ReactiveX/RxJava/compare/v2.1.14...v2.2.21) --- updated-dependencies: - dependency-name: io.reactivex.rxjava2:rxjava dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven-compiler-plugin from 3.8.0 to 3.8.1 Bumps [maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.8.0 to 3.8.1. - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](https://github.com/apache/maven-compiler-plugin/compare/maven-compiler-plugin-3.8.0...maven-compiler-plugin-3.8.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump guava from 29.0-jre to 31.0.1-jre Bumps [guava](https://github.com/google/guava) from 29.0-jre to 31.0.1-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * Bump protobuf-java from 3.11.4 to 3.19.1 Bumps [protobuf-java](https://github.com/protocolbuffers/protobuf) from 3.11.4 to 3.19.1. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/master/generate_changelog.py) - [Commits](https://github.com/protocolbuffers/protobuf/compare/v3.11.4...v3.19.1) --- updated-dependencies: - dependency-name: com.google.protobuf:protobuf-java dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven-gpg-plugin from 1.6 to 3.0.1 Bumps [maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin) from 1.6 to 3.0.1. - [Release notes](https://github.com/apache/maven-gpg-plugin/releases) - [Commits](https://github.com/apache/maven-gpg-plugin/compare/maven-gpg-plugin-1.6...maven-gpg-plugin-3.0.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-gpg-plugin dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump awssdk.version from 2.17.52 to 2.17.100 Bumps `awssdk.version` from 2.17.52 to 2.17.100. Updates `kinesis` from 2.17.52 to 2.17.100 Updates `dynamodb` from 2.17.52 to 2.17.100 Updates `cloudwatch` from 2.17.52 to 2.17.100 Updates `netty-nio-client` from 2.17.52 to 2.17.100 Updates `sts` from 2.17.52 to 2.17.100 --- updated-dependencies: - dependency-name: software.amazon.awssdk:kinesis dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:cloudwatch dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:netty-nio-client dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:sts dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump logback-classic from 1.2.7 to 1.2.9 Bumps logback-classic from 1.2.7 to 1.2.9. --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven-surefire-plugin from 2.19.1 to 2.22.2 Bumps [maven-surefire-plugin](https://github.com/apache/maven-surefire) from 2.19.1 to 2.22.2. - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-2.19.1...surefire-2.22.2) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump junit from 4.13.1 to 4.13.2 Bumps [junit](https://github.com/junit-team/junit4) from 4.13.1 to 4.13.2. - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.1.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.13.1...r4.13.2) --- updated-dependencies: - dependency-name: junit:junit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump commons-collections4 from 4.2 to 4.4 Bumps commons-collections4 from 4.2 to 4.4. --- updated-dependencies: - dependency-name: org.apache.commons:commons-collections4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump aws-java-sdk.version from 1.12.125 to 1.12.130 Bumps `aws-java-sdk.version` from 1.12.125 to 1.12.130. Updates `aws-java-sdk-core` from 1.12.125 to 1.12.130 - [Release notes](https://github.com/aws/aws-sdk-java/releases) - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.125...1.12.130) Updates `aws-java-sdk-sts` from 1.12.125 to 1.12.130 - [Release notes](https://github.com/aws/aws-sdk-java/releases) - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.125...1.12.130) --- updated-dependencies: - dependency-name: com.amazonaws:aws-java-sdk-core dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.amazonaws:aws-java-sdk-sts dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump awssdk.version from 2.17.100 to 2.17.101 Bumps `awssdk.version` from 2.17.100 to 2.17.101. Updates `kinesis` from 2.17.100 to 2.17.101 Updates `dynamodb` from 2.17.100 to 2.17.101 Updates `cloudwatch` from 2.17.100 to 2.17.101 Updates `netty-nio-client` from 2.17.100 to 2.17.101 Updates `sts` from 2.17.100 to 2.17.101 --- updated-dependencies: - dependency-name: software.amazon.awssdk:kinesis dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:cloudwatch dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:netty-nio-client dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:sts dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump commons-io from 2.7 to 2.11.0 Bumps commons-io from 2.7 to 2.11.0. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump slf4j-api from 1.7.25 to 1.7.32 Bumps [slf4j-api](https://github.com/qos-ch/slf4j) from 1.7.25 to 1.7.32. - [Release notes](https://github.com/qos-ch/slf4j/releases) - [Commits](https://github.com/qos-ch/slf4j/compare/v_1.7.25...v_1.7.32) --- updated-dependencies: - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven-failsafe-plugin from 2.19.1 to 2.22.2 Bumps [maven-failsafe-plugin](https://github.com/apache/maven-surefire) from 2.19.1 to 2.22.2. - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-2.19.1...surefire-2.22.2) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-failsafe-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump jcommander from 1.72 to 1.81 Bumps [jcommander](https://github.com/cbeust/jcommander) from 1.72 to 1.81. - [Release notes](https://github.com/cbeust/jcommander/releases) - [Changelog](https://github.com/cbeust/jcommander/blob/master/CHANGELOG.md) - [Commits](https://github.com/cbeust/jcommander/commits/1.81) --- updated-dependencies: - dependency-name: com.beust:jcommander dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump commons-lang3 from 3.8.1 to 3.12.0 Bumps commons-lang3 from 3.8.1 to 3.12.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-lang3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update doclint configuration to accommodate 3.x version of maven-javadoc-plugin Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yu Zeng <yuzen@amazon.com>
2021-12-21 09:57:57 -08:00 · 2021-12-21 09:57:57 -08:00 · 9c53c0ce59
commit 9c53c0ce59
parent bedae95db9
4 changed files with 37 additions and 29 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,7 @@
+version: 2
+updates:
+- package-ecosystem: "maven"
+  directory: "/"
+  schedule: 
+    interval: "daily"
+  # Add assignees, reviewers
--- a/amazon-kinesis-client-multilang/pom.xml
+++ b/amazon-kinesis-client-multilang/pom.xml
@ -28,7 +28,7 @@
  <artifactId>amazon-kinesis-client-multilang</artifactId>

  <properties>
-    <aws-java-sdk.version>1.12.3</aws-java-sdk.version>
+    <aws-java-sdk.version>1.12.130</aws-java-sdk.version>
  </properties>

  <dependencies>
@ -72,28 +72,28 @@
    <dependency>
      <groupId>org.projectlombok</groupId>
      <artifactId>lombok</artifactId>
-      <version>1.16.20</version>
+      <version>1.18.22</version>
      <scope>provided</scope>
    </dependency>
    <dependency>
      <groupId>ch.qos.logback</groupId>
      <artifactId>logback-classic</artifactId>
-      <version>1.2.7</version>
+      <version>1.2.9</version>
    </dependency>
    <dependency>
      <groupId>com.beust</groupId>
      <artifactId>jcommander</artifactId>
-      <version>1.72</version>
+      <version>1.81</version>
    </dependency>
    <dependency>
      <groupId>commons-io</groupId>
      <artifactId>commons-io</artifactId>
-      <version>2.7</version>
+      <version>2.11.0</version>
    </dependency>
    <dependency>
      <groupId>org.apache.commons</groupId>
      <artifactId>commons-collections4</artifactId>
-      <version>4.2</version>
+      <version>4.4</version>
    </dependency>


@ -107,7 +107,7 @@
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
-      <version>4.13.1</version>
+      <version>4.13.2</version>
      <scope>test</scope>
    </dependency>
    <dependency>
@ -130,7 +130,7 @@
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-compiler-plugin</artifactId>
-          <version>3.2</version>
+          <version>3.8.1</version>
          <configuration>
            <source>1.8</source>
            <target>1.8</target>
@ -143,7 +143,7 @@
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-javadoc-plugin</artifactId>
-        <version>2.10.3</version>
+        <version>3.3.1</version>
        <executions>
          <execution>
            <id>attach-javadocs</id>
@ -156,7 +156,7 @@
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-source-plugin</artifactId>
-        <version>3.0.1</version>
+        <version>3.2.1</version>
        <executions>
          <execution>
            <id>attach-sources</id>
@ -176,7 +176,7 @@
        <jdk>[1.8,)</jdk>
      </activation>
      <properties>
-        <additionalparam>-Xdoclint:none</additionalparam>
+        <doclint>none</doclint>
      </properties>
    </profile>
  </profiles>
--- a/amazon-kinesis-client/pom.xml
+++ b/amazon-kinesis-client/pom.xml
@ -50,8 +50,8 @@
    <sqlite4java.version>1.0.392</sqlite4java.version>
    <sqlite4java.native>libsqlite4java</sqlite4java.native>
    <sqlite4java.libpath>${project.build.directory}/test-lib</sqlite4java.libpath>
-    <slf4j.version>1.7.25</slf4j.version>
-    <gsr.version>1.1.5</gsr.version>
+    <slf4j.version>1.7.32</slf4j.version>
+    <gsr.version>1.1.8</gsr.version>
  </properties>

  <dependencies>
@ -88,17 +88,17 @@
    <dependency>
      <groupId>com.google.guava</groupId>
      <artifactId>guava</artifactId>
-      <version>29.0-jre</version>
+      <version>31.0.1-jre</version>
    </dependency>
    <dependency>
      <groupId>com.google.protobuf</groupId>
      <artifactId>protobuf-java</artifactId>
-      <version>3.11.4</version>
+      <version>3.19.1</version>
    </dependency>
    <dependency>
      <groupId>org.apache.commons</groupId>
      <artifactId>commons-lang3</artifactId>
-      <version>3.8.1</version>
+      <version>3.12.0</version>
    </dependency>
    <dependency>
      <groupId>org.slf4j</groupId>
@ -109,13 +109,13 @@
    <dependency>
      <groupId>io.reactivex.rxjava2</groupId>
      <artifactId>rxjava</artifactId>
-      <version>2.1.14</version>
+      <version>2.2.21</version>
    </dependency>

    <dependency>
      <groupId>org.projectlombok</groupId>
      <artifactId>lombok</artifactId>
-      <version>1.16.20</version>
+      <version>1.18.22</version>
      <scope>provided</scope>
    </dependency>

@ -123,7 +123,7 @@
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
-      <version>4.13.1</version>
+      <version>4.13.2</version>
      <scope>test</scope>
    </dependency>

@ -152,7 +152,7 @@
    <dependency>
      <groupId>ch.qos.logback</groupId>
      <artifactId>logback-classic</artifactId>
-      <version>1.2.7</version>
+      <version>1.2.9</version>
      <scope>test</scope>
    </dependency>

@ -183,7 +183,7 @@
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-compiler-plugin</artifactId>
-          <version>3.2</version>
+          <version>3.8.1</version>
          <configuration>
            <source>1.8</source>
            <target>1.8</target>
@ -197,7 +197,7 @@
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-surefire-plugin</artifactId>
-        <version>2.19.1</version>
+        <version>2.22.2</version>
        <configuration>
          <excludes>
            <exclude>**/*IntegrationTest.java</exclude>
@ -213,7 +213,7 @@
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-failsafe-plugin</artifactId>
-        <version>2.19.1</version>
+        <version>2.22.2</version>
        <configuration>
          <includes>
            <include>**/*IntegrationTest.java</include>
@ -299,7 +299,7 @@
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-javadoc-plugin</artifactId>
-        <version>2.10.3</version>
+        <version>3.3.1</version>
        <configuration>
          <excludePackageNames>com.amazonaws.services.kinesis.producer.protobuf</excludePackageNames>
        </configuration>
@ -315,7 +315,7 @@
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-source-plugin</artifactId>
-        <version>3.0.1</version>
+        <version>3.2.1</version>
        <executions>
          <execution>
            <id>attach-sources</id>
@ -343,6 +343,7 @@
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-resources-plugin</artifactId>
+        <version>2.6</version>
        <executions>
          <execution>
            <id>copy-dist</id>
@ -374,7 +375,7 @@
        <jdk>[1.8,)</jdk>
      </activation>
      <properties>
-        <additionalparam>-Xdoclint:none</additionalparam>
+        <doclint>none</doclint>
      </properties>
    </profile>
  </profiles>
--- a/pom.xml
+++ b/pom.xml
@ -33,7 +33,7 @@
  </scm>

  <properties>
-    <awssdk.version>2.17.52</awssdk.version>
+    <awssdk.version>2.17.101</awssdk.version>
  </properties>

  <licenses>
@ -77,7 +77,7 @@
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-compiler-plugin</artifactId>
-          <version>3.8.0</version>
+          <version>3.8.1</version>
          <configuration>
            <source>1.8</source>
            <target>1.8</target>
@ -96,7 +96,7 @@
          <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-gpg-plugin</artifactId>
-            <version>1.6</version>
+            <version>3.0.1</version>
            <executions>
              <execution>
                <id>sign-artifacts</id>