Skip to content

Bump commons-io:commons-io from 2.1 to 2.20.0#113

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/gradle/main/commons-io-commons-io-2.20.0
Closed

Bump commons-io:commons-io from 2.1 to 2.20.0#113
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/gradle/main/commons-io-commons-io-2.20.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 11, 2025
edited
Loading

Bumps commons-io:commons-io from 2.1 to 2.20.0.

Changelog

Sourced from commons-io:commons-io's changelog.

Apache Commons IO 2.20.0 Release Notes

The Apache Commons IO team is pleased to announce the release of Apache Commons IO 2.20.0.

Introduction

The Apache Commons IO library contains utility classes, stream implementations, file filters, file comparators, endian transformation classes, and much more.

Version 2.19.1: Java 8 or later is required.

New features

o IO-875: Add org.apache.commons.io.file.CountingPathVisitor.accept(Path, BasicFileAttributes) #743. Thanks to Pierre Baumard, Gary Gregory. o Add org.apache.commons.io.Charsets.isAlias(Charset, String). Thanks to Gary Gregory. o Add org.apache.commons.io.Charsets.isUTF8(Charset). Thanks to Gary Gregory. o Add org.apache.commons.io.Charsets.toCharsetDefault(String, Charset). Thanks to Gary Gregory. o IO-279: Add Tailer ignoreTouch option #757. Thanks to Joerg Budischewski, Gary Gregory.

Fixed Bugs

o [javadoc] Rename parameter of ProxyOutputStream.write(int) #740. Thanks to Jesse Glick. o IO-875: CopyDirectoryVisitor ignores fileFilter #743. Thanks to Pierre Baumard, Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.getReader(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.AbstractRandomAccessFileOrigin.getReader(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.ByeArrayOrigin.getReader(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.InputStreamOrigin.getReader(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.getWriter(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.AbstractRandomAccessFileOrigin.getWriter(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o org.apache.commons.io.build.AbstractOrigin.OutputStreamOrigin.getWriter(Charset) now maps a null Charset to the default Charset. Thanks to Gary Gregory. o FileUtils.readLines(File, Charset) now maps a null Charset to the default Charset #744. Thanks to Ryan Kurtz, Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atSlashCr" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.WindowsLineEndingInputStream, org.apache.commons.io.input.WindowsLineEndingInputStream] At WindowsLineEndingInputStream.java:[line 77]Another occurrence at WindowsLineEndingInputStream.java:[line 81] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atSlashCr" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.WindowsLineEndingInputStream] At WindowsLineEndingInputStream.java:[line 112] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atSlashLf" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.WindowsLineEndingInputStream] At WindowsLineEndingInputStream.java:[line 113] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atSlashLf" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.UnixLineEndingInputStream] At UnixLineEndingInputStream.java:[line 75] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atEos" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.UnixLineEndingInputStream] At UnixLineEndingInputStream.java:[line 120] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atSlashCr" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.UnixLineEndingInputStream] At UnixLineEndingInputStream.java:[line 124] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "atSlashLf" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.UnixLineEndingInputStream] At UnixLineEndingInputStream.java:[line 125] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "closed" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.ProxyInputStream] At ProxyInputStream.java:[line 233] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o Fix SpotBugs [ERROR] Medium: Shared primitive variable "propagateClose" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.io.input.BoundedInputStream] At BoundedInputStream.java:[line 555] AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory. o QueueInputStream reads all but the first byte without waiting. #748. Thanks to maxxedev, Piotr P. Karwasz, Gary Gregory. o Javadoc fixes and improvements. Thanks to Gary Gregory. o Avoid NPE in org.apache.commons.io.filefilter.WildcardFilter.accept(File). Thanks to Gary Gregory. o IO-874: FileUtils.forceDelete can delete a broken symlink again #756. Thanks to Andy Russell, Joerg Budischewski. o Fix infinite loop in AbstractByteArrayOutputStream. #758. Thanks to Alex Benusovich.

... (truncated)

Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Sep 11, 2025
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Sep 11, 2025
@zack-rma
Copy link
Contributor

zack-rma commented Sep 18, 2025

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/gradle/main/commons-io-commons-io-2.20.0 branch from 7ed71a9 to aef71e0 Compare September 18, 2025 17:13
@dwr-zroy
Copy link
Collaborator

dwr-zroy commented Oct 7, 2025

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/gradle/main/commons-io-commons-io-2.20.0 branch from aef71e0 to d98c893 Compare October 7, 2025 16:06
@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 7, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@dwr-zroy
Copy link
Collaborator

dwr-zroy commented Nov 13, 2025

@dependabot rebase

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 13, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

@dwr-zroy
Copy link
Collaborator

dwr-zroy commented Nov 24, 2025

@dependabot recreate

@dependabot
Bump commons-io:commons-io from 2.1 to 2.20.0
f34b46b 
Bumps [commons-io:commons-io](https://github.com/apache/commons-io) from 2.1 to 2.20.0.
- [Changelog](https://github.com/apache/commons-io/blob/master/RELEASE-NOTES.txt)
- [Commits](apache/commons-io@commons-io-2.1...rel/commons-io-2.20.0)

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-version: 2.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/gradle/main/commons-io-commons-io-2.20.0 branch from d98c893 to f34b46b Compare November 24, 2025 20:11
@sonarqubecloud
Copy link

sonarqubecloud bot commented Nov 24, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@dwr-zroy
Copy link
Collaborator

dwr-zroy commented Nov 25, 2025

No new warnings were emitted when building the project so there were no deprecation between 2.1 and 2.20.0 that impact us. However, I noticed differences in the solutions for DCR 2023 and this build. Will need additional investigation.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 1, 2025

Superseded by #166.

@dependabot dependabot bot closed this Dec 1, 2025
@dependabot dependabot bot deleted the dependabot/gradle/main/commons-io-commons-io-2.20.0 branch December 1, 2025 17:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hxiedwr hxiedwr Awaiting requested review from hxiedwr hxiedwr is a code owner

@dwr-zroy dwr-zroy Awaiting requested review from dwr-zroy dwr-zroy is a code owner

@jmdegeorge jmdegeorge Awaiting requested review from jmdegeorge jmdegeorge is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

WRIMS 3 Development
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@zack-rma @dwr-zroy