From ba1a77bd4ac29c30969f123a48cdebc0e00e80ce Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Mar 2026 14:41:17 +0000 Subject: [PATCH 1/3] Bump org.tukaani:xz from 1.11 to 1.12 in /plugins/ingest-attachment Bumps [org.tukaani:xz](https://github.com/tukaani-project/xz-java) from 1.11 to 1.12. - [Release notes](https://github.com/tukaani-project/xz-java/releases) - [Changelog](https://github.com/tukaani-project/xz-java/blob/master/NEWS.md) - [Commits](https://github.com/tukaani-project/xz-java/compare/v1.11...v1.12) --- updated-dependencies: - dependency-name: org.tukaani:xz dependency-version: '1.12' dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- plugins/ingest-attachment/build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/ingest-attachment/build.gradle b/plugins/ingest-attachment/build.gradle index 24d4df8f3fdc1..f2c48c9b5b4dd 100644 --- a/plugins/ingest-attachment/build.gradle +++ b/plugins/ingest-attachment/build.gradle @@ -66,7 +66,7 @@ dependencies { runtimeOnly "com.optimaize.languagedetector:language-detector:0.6" runtimeOnly "com.google.guava:guava:${versions.guava}" // Other dependencies - api 'org.tukaani:xz:1.11' + api 'org.tukaani:xz:1.12' api "commons-io:commons-io:${versions.commonsio}" api "org.slf4j:slf4j-api:${versions.slf4j}" From a4253e69fb4e54a7e82f5382cd1a9a8b9dd676a4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Mar 2026 14:44:01 +0000 Subject: [PATCH 2/3] Updating SHAs Signed-off-by: dependabot[bot] --- plugins/ingest-attachment/licenses/xz-1.11.jar.sha1 | 1 - plugins/ingest-attachment/licenses/xz-1.12.jar.sha1 | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) delete mode 100644 plugins/ingest-attachment/licenses/xz-1.11.jar.sha1 create mode 100644 plugins/ingest-attachment/licenses/xz-1.12.jar.sha1 diff --git a/plugins/ingest-attachment/licenses/xz-1.11.jar.sha1 b/plugins/ingest-attachment/licenses/xz-1.11.jar.sha1 deleted file mode 100644 index 0b9a0d252baf4..0000000000000 --- a/plugins/ingest-attachment/licenses/xz-1.11.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -bdfd1774efb216f506f4f3c5b08c205b308c50aa \ No newline at end of file diff --git a/plugins/ingest-attachment/licenses/xz-1.12.jar.sha1 b/plugins/ingest-attachment/licenses/xz-1.12.jar.sha1 new file mode 100644 index 0000000000000..bc01b2e8d10c4 --- /dev/null +++ b/plugins/ingest-attachment/licenses/xz-1.12.jar.sha1 @@ -0,0 +1 @@ +bb9703ba3753ab8665f65e6a25b3ddc7b09b1caf \ No newline at end of file From 9bf102182a4534b5400c9aa38aa8375d801ec375 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Mar 2026 14:44:58 +0000 Subject: [PATCH 3/3] Update changelog Signed-off-by: dependabot[bot] --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 39061ec7a5659..53a931e22b597 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -77,6 +77,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Bump `tj-actions/changed-files` from 47.0.1 to 47.0.4 ([#20638](https://github.com/opensearch-project/OpenSearch/pull/20638), [#20716](https://github.com/opensearch-project/OpenSearch/pull/20716)) - Bump `com.nimbusds:nimbus-jose-jwt` from 10.7 to 10.8 ([#20715](https://github.com/opensearch-project/OpenSearch/pull/20715)) - Bump OpenTelemetry to 1.59.0 and OpenTelemetry Semconv to 1.40.0 ([#20737](https://github.com/opensearch-project/OpenSearch/pull/20737)) +- Bump `org.tukaani:xz` from 1.11 to 1.12 ([#20760](https://github.com/opensearch-project/OpenSearch/pull/20760)) ### Removed