Skip to content

Bump reactor_netty from 1.1.26 to 1.2.2#17289

Closed
dependabot[bot] wants to merge 3 commits intomainfrom
dependabot/gradle/reactor_netty-1.2.2
Closed

Bump reactor_netty from 1.1.26 to 1.2.2#17289
dependabot[bot] wants to merge 3 commits intomainfrom
dependabot/gradle/reactor_netty-1.2.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Feb 6, 2025
edited
Loading

Bumps reactor_netty from 1.1.26 to 1.2.2.
Updates io.projectreactor.netty:reactor-netty-core from 1.1.26 to 1.2.2

Release notes

Sourced from io.projectreactor.netty:reactor-netty-core's releases.

v1.2.2

Reactor Netty 1.2.2 is part of 2024.0.2 Release Train.

What's Changed

⚠️ Update considerations and deprecations

  • Do not add Transfer-Encoding for DELETE with no body by @​violetagg in #3549
  • Ensure DisposedChannelConfig#setAutoRead does not change auto-read configuration by @​violetagg in #3581

✨ New features and improvements

🐞 Bug fixes

  • Fix ClassCastException in HttpOperations#initShortId() by @​joschi in #3542
  • Ensure the request counter is updated once when the request is received by @​violetagg in #3543
  • HttpServerRequest#receiveContent() never emits any value nor completes when HTTP/1.1 TLS Upgrade (RFC-2817) kicks in by @​reta in #3540
  • Generate log message in advance by @​raccoonback in #3571

📖 Documentation

New Contributors

Full Changelog: reactor/reactor-netty@v1.2.1...v1.2.2

v1.2.1

Reactor Netty 1.2.1 is part of 2024.0.1 Release Train.

What's Changed

✨ New features and improvements

  • Depend on Reactor Core v3.7.1 by @​violetagg in 667f8c9cbf5a227a15f6d0a2f3aab7c4777613da, see release notes
  • Depend on Netty v4.1.115.Final by @​violetagg in #3511
  • Use SslHandler#isEncrypted(ByteBuf, boolean) instead of the deprecated SslHandler#isEncrypted(ByteBuf) by @​violetagg in #3523
  • Avoid using static exceptions for better debugging experience by @​violetagg in #3529
  • Handle the incoming LastHttpContent with no content as if it is EMPTY_LAST_CONTENT by @​violetagg in #3530

🐞 Bug fixes

... (truncated)

Commits
  • 3db1d87 [release] Prepare and release 1.2.2
  • cf230d3 Merge-ignore release 1.1.26 into 1.2.2
  • 7cee472 [release] Back to snapshots, next is 1.1.27-SNAPSHOT
  • bb60f6c Bump actions/upload-artifact from 4.5.0 to 4.6.0 (#3586)
  • 7dcfe85 Polish
  • 6e93d51 Polish
  • 6b10785 Polish
  • 963dd20 Configuration for setting maximum number of connection pools to be created (#...
  • e39854d Merge #3585 into 1.2.2
  • a8ca1a0 Merge e00e23e4c into 1.2.2
  • Additional commits viewable in compare view

Updates io.projectreactor.netty:reactor-netty-http from 1.1.26 to 1.2.2

Release notes

Sourced from io.projectreactor.netty:reactor-netty-http's releases.

v1.2.2

Reactor Netty 1.2.2 is part of 2024.0.2 Release Train.

What's Changed

⚠️ Update considerations and deprecations

  • Do not add Transfer-Encoding for DELETE with no body by @​violetagg in #3549
  • Ensure DisposedChannelConfig#setAutoRead does not change auto-read configuration by @​violetagg in #3581

✨ New features and improvements

🐞 Bug fixes

  • Fix ClassCastException in HttpOperations#initShortId() by @​joschi in #3542
  • Ensure the request counter is updated once when the request is received by @​violetagg in #3543
  • HttpServerRequest#receiveContent() never emits any value nor completes when HTTP/1.1 TLS Upgrade (RFC-2817) kicks in by @​reta in #3540
  • Generate log message in advance by @​raccoonback in #3571

📖 Documentation

New Contributors

Full Changelog: reactor/reactor-netty@v1.2.1...v1.2.2

v1.2.1

Reactor Netty 1.2.1 is part of 2024.0.1 Release Train.

What's Changed

✨ New features and improvements

  • Depend on Reactor Core v3.7.1 by @​violetagg in 667f8c9cbf5a227a15f6d0a2f3aab7c4777613da, see release notes
  • Depend on Netty v4.1.115.Final by @​violetagg in #3511
  • Use SslHandler#isEncrypted(ByteBuf, boolean) instead of the deprecated SslHandler#isEncrypted(ByteBuf) by @​violetagg in #3523
  • Avoid using static exceptions for better debugging experience by @​violetagg in #3529
  • Handle the incoming LastHttpContent with no content as if it is EMPTY_LAST_CONTENT by @​violetagg in #3530

🐞 Bug fixes

... (truncated)

Commits
  • 3db1d87 [release] Prepare and release 1.2.2
  • cf230d3 Merge-ignore release 1.1.26 into 1.2.2
  • 7cee472 [release] Back to snapshots, next is 1.1.27-SNAPSHOT
  • bb60f6c Bump actions/upload-artifact from 4.5.0 to 4.6.0 (#3586)
  • 7dcfe85 Polish
  • 6e93d51 Polish
  • 6b10785 Polish
  • 963dd20 Configuration for setting maximum number of connection pools to be created (#...
  • e39854d Merge #3585 into 1.2.2
  • a8ca1a0 Merge e00e23e4c into 1.2.2
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependabot PRs with auto version bumps from dependabot dependencies Pull requests that update a dependency file labels Feb 6, 2025
reta
reta reviewed Feb 6, 2025
View reviewed changes
gradle/libs.versions.toml

# project reactor
reactor_netty = "1.1.26"
reactor_netty = "1.2.2"
Copy link
Copy Markdown
Contributor

@reta reta Feb 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@cwperks we did it! thanks for it!

Copy link
Copy Markdown
Member

@cwperks cwperks Feb 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now time to convert all the modules 😎

Copy link
Copy Markdown
Contributor

@reta reta Feb 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💯

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Feb 6, 2025

❌ Gradle check result for 7f0a3cc: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

@dependabot
Bump reactor_netty from 1.1.26 to 1.2.2
5ef3dc4 
Bumps `reactor_netty` from 1.1.26 to 1.2.2.

Updates `io.projectreactor.netty:reactor-netty-core` from 1.1.26 to 1.2.2
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](reactor/reactor-netty@v1.1.26...v1.2.2)

Updates `io.projectreactor.netty:reactor-netty-http` from 1.1.26 to 1.2.2
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](reactor/reactor-netty@v1.1.26...v1.2.2)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: io.projectreactor.netty:reactor-netty-http
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/gradle/reactor_netty-1.2.2 branch from 7f0a3cc to 5ef3dc4 Compare February 7, 2025 15:28
@dependabot
Updating SHAs
58990bb 
Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Update changelog
62c412b 
Signed-off-by: dependabot[bot] <support@github.com>
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Feb 7, 2025

❌ Gradle check result for 62c412b: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

@rursprung
Copy link
Copy Markdown
Contributor

rursprung commented Feb 11, 2025
edited
Loading

reactor-netty 1.2.3 is now out which contains an important version bump of netty for CVE-2025-24970: https://github.com/reactor/reactor-netty/releases/tag/v1.2.3

=> this PR should be updated to 1.2.3 (i don't have the rights on this repo to tell dependabot to do so)

note: netty itself is being updated in #17320, but i'd say it makes sense to pick the latest reactor-netty version here as well

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Feb 11, 2025

Superseded by #17322.

@dependabot dependabot bot closed this Feb 11, 2025
@dependabot dependabot bot deleted the dependabot/gradle/reactor_netty-1.2.2 branch February 11, 2025 15:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@reta reta reta left review comments

@anasalkouz anasalkouz Awaiting requested review from anasalkouz

@andrross andrross Awaiting requested review from andrross

@ashking94 ashking94 Awaiting requested review from ashking94

@Bukhtawar Bukhtawar Awaiting requested review from Bukhtawar

@CEHENKLE CEHENKLE Awaiting requested review from CEHENKLE

@cwperks cwperks Awaiting requested review from cwperks

@dblock dblock Awaiting requested review from dblock

@dbwiddis dbwiddis Awaiting requested review from dbwiddis

@gbbafna gbbafna Awaiting requested review from gbbafna

@jainankitk jainankitk Awaiting requested review from jainankitk

@kotwanikunal kotwanikunal Awaiting requested review from kotwanikunal

@linuxpi linuxpi Awaiting requested review from linuxpi

@mch2 mch2 Awaiting requested review from mch2

@msfroh msfroh Awaiting requested review from msfroh

@nknize nknize Awaiting requested review from nknize

@owaiskazi19 owaiskazi19 Awaiting requested review from owaiskazi19

@Rishikesh1159 Rishikesh1159 Awaiting requested review from Rishikesh1159

@sachinpkale sachinpkale Awaiting requested review from sachinpkale

@saratvemulapalli saratvemulapalli Awaiting requested review from saratvemulapalli

@shwetathareja shwetathareja Awaiting requested review from shwetathareja

@sohami sohami Awaiting requested review from sohami

@VachaShah VachaShah Awaiting requested review from VachaShah

Assignees

No one assigned

Labels

dependabot PRs with auto version bumps from dependabot dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@rursprung @reta @cwperks