Skip to content

Chore(deps): Bump okio from 2.5.0 to 2.9.0#20

Closed
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/maven/com.squareup.okio-okio-2.9.0
Closed

Chore(deps): Bump okio from 2.5.0 to 2.9.0#20
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/maven/com.squareup.okio-okio-2.9.0

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Oct 6, 2020

Bumps okio from 2.5.0 to 2.9.0.

Changelog

Sourced from okio's changelog.

Version 2.9.0

2020-10-04

  • Fix: Don't corrupt the Buffer when writing a slice of a segmented ByteString. We had a severe bug where ByteString instances created with snapshot() and readByteString() incorrectly adjusted the buffer's size by their full length, not the length of the slice. This would have caused buffer reads to crash! We do not believe data was silently corrupted.
  • New: CipherSink and CipherSource. Use these with javax.crypto.Cipher to encrypt and decrypt streams of data. This is a low-level encryption API; most applications should use higher-level APIs like TLS when available.
  • New: Promote hash functions md5, sha1(), sha512(), and sha256() to common Kotlin. These are currently only available on ByteString, multiplatform support for HashingSource, HashingSink, and Buffer should come in a follow-up release. We wrote and optimized our own implementations of these hash functions in Kotlin. On JVM and Android platforms Okio still uses the platform's built-in hash functions.
  • New: Support OSGi metadata.
  • Upgrade: [Kotlin 1.4.10][kotlin_1_4_10].

Version 2.8.0

2020-08-17

  • New: Upgrade to Kotlin 1.4.0.

Version 2.7.0

2020-07-07

  • New: Pipe.cancel() causes in-progress and future reads and writes on the pipe to immediately fail with an IOException. The streams may still be canceled normally.

  • New: Enlarge Okio's internal segment pool from a fixed 64 KiB total to 64 KiB per processor. For example, on an Intel i9 8-core/16-thread machine the segment pool now uses up to 1 MiB of memory.

  • New: Migrate from synchronized to lock-free when accessing the segment pool. Combined with the change above we saw throughput increase 3x on a synthetic benchmark designed to create contention.

Version 2.6.0

2020-04-22

  • New: InflaterSource.readOrInflate() is like InflaterSource.read(), except it will return 0 if consuming deflated bytes from the underlying stream did not produce new inflated bytes.
Commits
  • 7379b1f Make CipherSink and CipherSource into public types (#780)
  • da3112e CipherSink & CipherSource (#711)
  • 6344cc1 Fix SegmentedByteString substring write (#778)
  • ff616b9 Merge branch 'kevincianfarini-kc/internal-bytestring-hashing' into master
  • de4cdbb Promote ByteString hashing function to common Kotlin
  • c1427b8 Added OSGi metadata via build in a non intrusive way (#777)
  • 0eab62d Merge pull request #773 from square/jw/fifteen/2020-09-15
  • 71c348f Java 15 final
  • 0f183b7 Merge pull request #771 from square/jwilson.0911.kt1410
  • 424a81d Merge pull request #769 from square/jwilson.0909.rename
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Chore(deps): Bump okio from 2.5.0 to 2.9.0
5ffad50 
Bumps [okio](https://github.com/square/okio) from 2.5.0 to 2.9.0.
- [Release notes](https://github.com/square/okio/releases)
- [Changelog](https://github.com/square/okio/blob/master/CHANGELOG.md)
- [Commits](square/okio@parent-2.5.0...parent-2.9.0)

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 6, 2020
@dependabot dependabot bot mentioned this pull request Oct 6, 2020
Closed
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Jan 8, 2021

Superseded by #24.

@dependabot dependabot bot closed this Jan 8, 2021
@dependabot dependabot bot deleted the dependabot/maven/com.squareup.okio-okio-2.9.0 branch January 8, 2021 02:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants