chore(deps): bump version.msgpack from 0.8.16 to 0.8.19 by dependabot-preview[bot] · Pull Request #3393 · camunda/camunda

dependabot-preview · 2019-11-19T17:17:13Z

Bumps version.msgpack from 0.8.16 to 0.8.19.

Updates msgpack-core from 0.8.16 to 0.8.19

Changelog

Sourced from msgpack-core's changelog.

0.8.19

Support JDK11

msgpack-jackson: Fixes #515

0.8.18

(internal) Update sbt related dependencies #507

Use jackson-databind 2.9.9.3 for security vulnerability #511

0.8.17

Fix OOM exception for invalid msgpack messages #500

Use jackson-databind 2.9.9 for security vulnerability #505

Commits

657d1c1 Setting version to 0.8.19
bef0ccd Improves MessageBuffer support for Java 11 (#514)
ba61279 Merge pull request #515 from qxo/fix4MessagePackFactory
c1eb425 MessagePackFactory should add getFormatName for naming the factory
7088d20 Setting version to 0.8.19-SNAPSHOT
e414ebf Setting version to 0.8.18
219944d Merge pull request #513 from msgpack/releasenote-0.8.18
65dc322 Add 0.8.18 release note
1816b1e Merge pull request #512 from msgpack/follow-up-issue-508
d7f32ca Minor update
Additional commits viewable in compare view

Updates jackson-dataformat-msgpack from 0.8.16 to 0.8.19

Changelog

Sourced from jackson-dataformat-msgpack's changelog.

0.8.19

Support JDK11

msgpack-jackson: Fixes #515

0.8.18

(internal) Update sbt related dependencies #507

Use jackson-databind 2.9.9.3 for security vulnerability #511

0.8.17

Fix OOM exception for invalid msgpack messages #500

Use jackson-databind 2.9.9 for security vulnerability #505

Commits

657d1c1 Setting version to 0.8.19
bef0ccd Improves MessageBuffer support for Java 11 (#514)
ba61279 Merge pull request #515 from qxo/fix4MessagePackFactory
c1eb425 MessagePackFactory should add getFormatName for naming the factory
7088d20 Setting version to 0.8.19-SNAPSHOT
e414ebf Setting version to 0.8.18
219944d Merge pull request #513 from msgpack/releasenote-0.8.18
65dc322 Add 0.8.18 release note
1816b1e Merge pull request #512 from msgpack/follow-up-issue-508
d7f32ca Minor update
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
@dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

Update frequency (including time of day and day of week)
Pull request limits (per update run and/or open at any time)
Automerge options (never/patch/minor, and dev/runtime dependencies)
Out-of-range updates (receive only lockfile updates, if desired)
Security updates (receive only security updates, if desired)

Bumps `version.msgpack` from 0.8.16 to 0.8.19. Updates `msgpack-core` from 0.8.16 to 0.8.19 - [Release notes](https://github.com/msgpack/msgpack-java/releases) - [Changelog](https://github.com/msgpack/msgpack-java/blob/develop/RELEASE_NOTES.md) - [Commits](msgpack/msgpack-java@0.8.16...0.8.19) Updates `jackson-dataformat-msgpack` from 0.8.16 to 0.8.19 - [Release notes](https://github.com/msgpack/msgpack-java/releases) - [Changelog](https://github.com/msgpack/msgpack-java/blob/develop/RELEASE_NOTES.md) - [Commits](msgpack/msgpack-java@0.8.16...0.8.19) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

ChrisKujawa · 2019-11-21T07:25:20Z

We need to fix this

[ERROR] shouldCorrelateMessageAfterRestartIfPublishedBefore[1: restart-without-snapshot](io.zeebe.broker.it.startup.BrokerReprocessingTest)  Time elapsed: 6.563 s  <<< ERROR!

java.lang.RuntimeException: com.fasterxml.jackson.databind.JsonMappingException: Failed to convert MessagePack to JSON (through reference chain: io.zeebe.protocol.impl.record.CopiedRecord["value"]->io.zeebe.protocol.impl.record.value.variable.VariableRecord["value"])

	at io.zeebe.protocol.impl.encoding.MsgPackConverter.convertJsonSerializableObjectToJson(MsgPackConverter.java:180)

	at io.zeebe.protocol.impl.record.CopiedRecord.toJson(CopiedRecord.java:143)

	at io.zeebe.protocol.impl.record.CopiedRecord.toString(CopiedRecord.java:153)

	at io.zeebe.test.util.record.RecordingExporterTestWatcher.lambda$failed$0(RecordingExporterTestWatcher.java:22)

	at java.base/java.util.concurrent.CopyOnWriteArrayList.forEach(CopyOnWriteArrayList.java:803)

	at io.zeebe.test.util.record.RecordingExporterTestWatcher.failed(RecordingExporterTestWatcher.java:22)

	at org.junit.rules.TestWatcher.failedQuietly(TestWatcher.java:84)

	at org.junit.rules.TestWatcher.access$300(TestWatcher.java:46)

	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:62)

	at org.junit.rules.ExternalResource$1.evaluate(ExternalResource.java:48)

	at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:298)

	at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:292)

	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)

	at java.base/java.lang.Thread.run(Thread.java:834)

Caused by: com.fasterxml.jackson.databind.JsonMappingException: Failed to convert MessagePack to JSON (through reference chain: io.zeebe.protocol.impl.record.CopiedRecord["value"]->io.zeebe.protocol.impl.record.value.variable.VariableRecord["value"])

	at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:394)

	at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:353)

	at com.fasterxml.jackson.databind.ser.std.StdSerializer.wrapAndThrow(StdSerializer.java:316)

	at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:730)

	at com.fasterxml.jackson.databind.ser.BeanSerializer.serialize(BeanSerializer.java:166)

	at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:727)

	at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:722)

	at com.fasterxml.jackson.databind.ser.BeanSerializer.serialize(BeanSerializer.java:166)

	at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider._serialize(DefaultSerializerProvider.java:480)

	at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider.serializeValue(DefaultSerializerProvider.java:319)

	at com.fasterxml.jackson.databind.ObjectMapper._configAndWriteValue(ObjectMapper.java:4094)

	at com.fasterxml.jackson.databind.ObjectMapper.writeValueAsString(ObjectMapper.java:3404)

	at io.zeebe.protocol.impl.encoding.MsgPackConverter.convertJsonSerializableObjectToJson(MsgPackConverter.java:178)

	... 13 more

Caused by: java.lang.RuntimeException: Failed to convert MessagePack to JSON

	at io.zeebe.protocol.impl.encoding.MsgPackConverter.convertToJsonBytes(MsgPackConverter.java:117)

	at io.zeebe.protocol.impl.encoding.MsgPackConverter.convertToJson(MsgPackConverter.java:97)

	at io.zeebe.protocol.impl.encoding.MsgPackConverter.convertToJson(MsgPackConverter.java:93)

	at io.zeebe.protocol.impl.encoding.MsgPackConverter.convertToJson(MsgPackConverter.java:89)

	at io.zeebe.protocol.impl.record.value.variable.VariableRecord.getValue(VariableRecord.java:45)

	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

	at java.base/java.lang.reflect.Method.invoke(Method.java:566)

	at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:688)

	at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:722)

	... 22 more

Caused by: com.fasterxml.jackson.core.io.JsonEOFException: Unexpected EOF

 at [Source: (ByteArrayInputStream); line: -1, column: 10]

	at org.msgpack.jackson.dataformat.MessagePackParser.nextToken(MessagePackParser.java:237)

	at io.zeebe.protocol.impl.encoding.MsgPackConverter.convert(MsgPackConverter.java:135)

	at io.zeebe.protocol.impl.encoding.MsgPackConverter.convertToJsonBytes(MsgPackConverter.java:113)

	... 32 more

saig0 · 2019-11-22T08:17:09Z

The pull request msgpack/msgpack-java#500 broke the Jackson API. The return of method JsonParser#nextToken is documented as "returns Next token from the stream, if any found, or null to indicate end-of-input". Since this change, the MessagePackParser throws an JsonEOFException.

ChrisKujawa · 2019-11-22T08:27:19Z

Lol you mean this change 🤦‍♂️
https://github.com/msgpack/msgpack-java/pull/500/files

        if (!messageUnpacker.hasNext()) {
       -     return null;
       +    throw new JsonEOFException(this, null, "Unexpected EOF");
        }

Nice catch thanks for investigating.

* using the MessagePackParser, it is not longer possible to check if there are more values because an exception is thrown

saig0

bors r+

3393: chore(deps): bump version.msgpack from 0.8.16 to 0.8.19 r=saig0 a=dependabot-preview[bot] Bumps `version.msgpack` from 0.8.16 to 0.8.19. Updates `msgpack-core` from 0.8.16 to 0.8.19 <details> <summary>Changelog</summary> *Sourced from [msgpack-core's changelog](https://github.com/msgpack/msgpack-java/blob/develop/RELEASE_NOTES.md).* > ## 0.8.19 > * Support JDK11 > * msgpack-jackson: Fixes [#515](https://github-redirect.dependabot.com/msgpack/msgpack-java/pull/515) > > ## 0.8.18 > * (internal) Update sbt related dependencies [#507](https://github-redirect.dependabot.com/msgpack/msgpack-java/pull/507) > * Use jackson-databind 2.9.9.3 for security vulnerability [#511](https://github-redirect.dependabot.com/msgpack/msgpack-java/pull/511) > > ## 0.8.17 > * Fix OOM exception for invalid msgpack messages [#500](https://github-redirect.dependabot.com/msgpack/msgpack-java/pull/500) > * Use jackson-databind 2.9.9 for security vulnerability [#505](https://github-redirect.dependabot.com/msgpack/msgpack-java/pull/505) </details> <details> <summary>Commits</summary> - [`657d1c1`](msgpack/msgpack-java@657d1c1) Setting version to 0.8.19 - [`bef0ccd`](msgpack/msgpack-java@bef0ccd) Improves MessageBuffer support for Java 11 ([#514](https://github-redirect.dependabot.com/msgpack/msgpack-java/issues/514)) - [`ba61279`](msgpack/msgpack-java@ba61279) Merge pull request [#515](https://github-redirect.dependabot.com/msgpack/msgpack-java/issues/515) from qxo/fix4MessagePackFactory - [`c1eb425`](msgpack/msgpack-java@c1eb425) MessagePackFactory should add getFormatName for naming the factory - [`7088d20`](msgpack/msgpack-java@7088d20) Setting version to 0.8.19-SNAPSHOT - [`e414ebf`](msgpack/msgpack-java@e414ebf) Setting version to 0.8.18 - [`219944d`](msgpack/msgpack-java@219944d) Merge pull request [#513](https://github-redirect.dependabot.com/msgpack/msgpack-java/issues/513) from msgpack/releasenote-0.8.18 - [`65dc322`](msgpack/msgpack-java@65dc322) Add 0.8.18 release note - [`1816b1e`](msgpack/msgpack-java@1816b1e) Merge pull request [#512](https://github-redirect.dependabot.com/msgpack/msgpack-java/issues/512) from msgpack/follow-up-issue-508 - [`d7f32ca`](msgpack/msgpack-java@d7f32ca) Minor update - Additional commits viewable in [compare view](msgpack/msgpack-java@0.8.16...0.8.19) </details> <br /> Updates `jackson-dataformat-msgpack` from 0.8.16 to 0.8.19 <details> <summary>Changelog</summary> *Sourced from [jackson-dataformat-msgpack's changelog](https://github.com/msgpack/msgpack-java/blob/develop/RELEASE_NOTES.md).* > ## 0.8.19 > * Support JDK11 > * msgpack-jackson: Fixes [#515](https://github-redirect.dependabot.com/msgpack/msgpack-java/pull/515) > > ## 0.8.18 > * (internal) Update sbt related dependencies [#507](https://github-redirect.dependabot.com/msgpack/msgpack-java/pull/507) > * Use jackson-databind 2.9.9.3 for security vulnerability [#511](https://github-redirect.dependabot.com/msgpack/msgpack-java/pull/511) > > ## 0.8.17 > * Fix OOM exception for invalid msgpack messages [#500](https://github-redirect.dependabot.com/msgpack/msgpack-java/pull/500) > * Use jackson-databind 2.9.9 for security vulnerability [#505](https://github-redirect.dependabot.com/msgpack/msgpack-java/pull/505) </details> <details> <summary>Commits</summary> - [`657d1c1`](msgpack/msgpack-java@657d1c1) Setting version to 0.8.19 - [`bef0ccd`](msgpack/msgpack-java@bef0ccd) Improves MessageBuffer support for Java 11 ([#514](https://github-redirect.dependabot.com/msgpack/msgpack-java/issues/514)) - [`ba61279`](msgpack/msgpack-java@ba61279) Merge pull request [#515](https://github-redirect.dependabot.com/msgpack/msgpack-java/issues/515) from qxo/fix4MessagePackFactory - [`c1eb425`](msgpack/msgpack-java@c1eb425) MessagePackFactory should add getFormatName for naming the factory - [`7088d20`](msgpack/msgpack-java@7088d20) Setting version to 0.8.19-SNAPSHOT - [`e414ebf`](msgpack/msgpack-java@e414ebf) Setting version to 0.8.18 - [`219944d`](msgpack/msgpack-java@219944d) Merge pull request [#513](https://github-redirect.dependabot.com/msgpack/msgpack-java/issues/513) from msgpack/releasenote-0.8.18 - [`65dc322`](msgpack/msgpack-java@65dc322) Add 0.8.18 release note - [`1816b1e`](msgpack/msgpack-java@1816b1e) Merge pull request [#512](https://github-redirect.dependabot.com/msgpack/msgpack-java/issues/512) from msgpack/follow-up-issue-508 - [`d7f32ca`](msgpack/msgpack-java@d7f32ca) Minor update - Additional commits viewable in [compare view](msgpack/msgpack-java@0.8.16...0.8.19) </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) </details> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> Co-authored-by: Philipp Ossler <philipp.ossler@gmail.com>

ChrisKujawa · 2019-11-22T09:47:30Z

  }

-  public static byte[] convertToMsgPack(Object value) {
+  public static byte[] convertToMsgPack(final Object value) {


Could you please avoid doing this. I already discussed this with @npepinpe this is just noise. Either we decided that everything should be final (which I'm ok with) then we should do use all the same setting and do it once.

Agree. Then, I'm voting for using final ;)

ok I added it to the team meeting agenda

ghost · 2019-11-22T10:02:39Z

Build succeeded

continuous-integration/jenkins/branch

dependabot-preview Bot added scope/broker Marks an issue or PR to appear in the broker section of the changelog Status: Needs Review kind/toil Categorizes an issue or PR as general maintenance, i.e. cleanup, refactoring, etc. labels Nov 19, 2019

dependabot-preview Bot requested a review from menski November 19, 2019 17:17

dependabot-preview Bot mentioned this pull request Nov 19, 2019

chore(deps): bump version.msgpack from 0.8.16 to 0.8.18 #3037

Closed

ChrisKujawa self-requested a review November 20, 2019 10:31

ChrisKujawa requested review from saig0 and removed request for ChrisKujawa and menski November 21, 2019 07:25

chore(protocol): remove single value check from MessagePack converter

383f2de

* using the MessagePackParser, it is not longer possible to check if there are more values because an exception is thrown

saig0 approved these changes Nov 22, 2019

View reviewed changes

ChrisKujawa reviewed Nov 22, 2019

View reviewed changes

ghost merged commit 383f2de into develop Nov 22, 2019

KerstinHebel removed the Status: Needs Review label Nov 22, 2019

ghost deleted the dependabot/maven/version.msgpack-0.8.19 branch November 22, 2019 10:02

miguelpires added the Release: 0.22.0-alpha2 label Dec 4, 2019

This pull request was closed.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump version.msgpack from 0.8.16 to 0.8.19#3393

chore(deps): bump version.msgpack from 0.8.16 to 0.8.19#3393
2 commits merged intodevelopfrom
dependabot/maven/version.msgpack-0.8.19

dependabot-preview Bot commented Nov 19, 2019

Uh oh!

ChrisKujawa commented Nov 21, 2019

Uh oh!

saig0 commented Nov 22, 2019 •

edited

Loading

Uh oh!

ChrisKujawa commented Nov 22, 2019

Uh oh!

saig0 left a comment

Uh oh!

ChrisKujawa Nov 22, 2019

Uh oh!

saig0 Nov 22, 2019

Uh oh!

ChrisKujawa Nov 22, 2019

Uh oh!

ghost commented Nov 22, 2019

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Conversation

dependabot-preview Bot commented Nov 19, 2019

0.8.19

0.8.18

0.8.17

0.8.19

0.8.18

0.8.17

Uh oh!

ChrisKujawa commented Nov 21, 2019

Uh oh!

saig0 commented Nov 22, 2019 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

ChrisKujawa commented Nov 22, 2019

Uh oh!

saig0 left a comment

Choose a reason for hiding this comment

Uh oh!

ChrisKujawa Nov 22, 2019

Choose a reason for hiding this comment

Uh oh!

saig0 Nov 22, 2019

Choose a reason for hiding this comment

Uh oh!

ChrisKujawa Nov 22, 2019

Choose a reason for hiding this comment

Uh oh!

ghost commented Nov 22, 2019

Build succeeded

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

saig0 commented Nov 22, 2019 •

edited

Loading