Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): Bump com.unboundid:unboundid-ldapsdk from 6.0.10 to 6.0.11 #401

Merged

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Dec 1, 2023

Bumps com.unboundid:unboundid-ldapsdk from 6.0.10 to 6.0.11.

Release notes

Sourced from com.unboundid:unboundid-ldapsdk's releases.

UnboundID LDAP SDK for Java 6.0.11

We have just released version 6.0.11 of the UnboundID LDAP SDK for Java. It is available for download from GitHub and SourceForge, and it is available in the Maven Central Repository.

Note that this is the last release of the LDAP SDK that will offer support for Java 7. As of the next release (which is expected to have a version of 7.0.0), the LDAP SDK will only support Java 8 and later.

You can find the release notes for the 6.0.11 release (and all previous versions) at https://docs.ldap.com/ldap-sdk/docs/release-notes.html, but here’s a summary of the changes:

  • We updated the ldapsearch and ldapmodify command-line tools to provide better validation for the --proxyAs argument, which includes the proxied authorization v2 request control in the requests that they issue. Previously, they would accept any string as the authorization ID value, but they will verify that it is a valid authorization ID using the form “dn:” followed by a valid DN or “u:” followed by a username.

  • We updated the Filter class so that the methods used to create substring filters are more user-friendly when the filter doesn’t contain all types of components. Previously, it expected a substring component to be null if that component wasn’t to be included in the request, and it would create an invalid filter if the component was provided as an empty string. It will now treat components provided as empty strings as if they had been null.

  • We updated the logic that the LDAP SDK uses to pare entries down to a specified set of attributes (including in the in-memory directory server and the ldifsearch command-line tool) to improve its behavior if it encounters an entry with a malformed attribute description (for example, one that contains characters that aren’t allowed). Previously, this would result in an internal error, but it will now make a best-attempt effort to handle the invalid name.

  • We updated the TimestampArgument class to allow it to accept timestamps in the ISO 8601 format described in RFC 3339 (e.g., 2023-11-30T01:02:03.456Z). Previously, it only accepted timestamps in the generalized time format (or a generalized time representation that didn’t include any time zone information, which was treated as the system’s local time zone).

  • We updated the JSONBuffer class to add an appendField method that can be used to append a generic field without knowing the value type. Previously, it only allowed you to append fields if you knew the type of the value.

  • We added new BinarySizeUnit and DecimalSizeUnit enums that can be used when dealing with a quantity of data, like the size of a file or the amount of information transferred over a network. Each of the enums supports a variety of units (bytes, kilobytes, megabytes, gigabytes, terabytes, petabytes, exabytes, zettabytes, and yottabytes), but the BinarySizeUnit variant assumes that each subsequent unit is 1024 times greater than the previous (e.g., one kilobyte is treated as 1024 bytes), while DecimalSizeUnit assumes that each subsequent unit is 1000 times greater than the previous (e.g., one kilobyte is treated as 1000 bytes).

  • We updated the client-side support for invoking the LDIF export administrative task in the Ping Identity Directory Server to include support for activating one or more post-LDIF-export task processors, which can be used to perform additional processing after the data is successfully exported.

Changelog

Sourced from com.unboundid:unboundid-ldapsdk's changelog.

          <div align="right">

${TARGET="offline"} LDAP SDK Home Page ${TARGET="offline"} Product Information

          <h2>Release Notes</h2>
      &lt;h3&gt;Version 6.0.11&lt;/h3&gt;
  &amp;lt;p&amp;gt;
    The following changes were made between the 6.0.10 and 6.0.11 releases:
  &amp;lt;/p&amp;gt;

  &amp;lt;ul&amp;gt;
    &amp;lt;li&amp;gt;
      Note that this is the last release that will support Java 7.  The next release
      (expected to have a version number of 7.0.0) will only support Java 8 and later.
      &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
    &amp;lt;/li&amp;gt;

    &amp;lt;li&amp;gt;
      Updated the ldapsearch and ldapmodify command-line tools to provide better
      validation for the value of the --proxyAs argument.  The tools will now reject
      attempts to use the argument with a value that doesn't start with either &amp;quot;dn:&amp;quot; or
      &amp;quot;u:&amp;quot;, and they will also reject attempts to use a value that starts with &amp;quot;dn:&amp;quot;
      but is not followed by a valid LDAP DN.
      &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
    &amp;lt;/li&amp;gt;

    &amp;lt;li&amp;gt;
      Updated the Filter methods for creating substring filters to better support empty
      components.  In LDAP filters, filters are transmitted using a binary encoding,
      and substring components may be absent but not empty.  However, because
      developers creating LDAP-enabled applications are more likely to be familiar with
      the string representations of filters, it is understandable if someone were to
      try to provide an empty string instead of null to indicate that the component is
      not needed.  The methods for creating substring filters will now interpret empty
      components as equivalent to being null, causing them to be omitted from the
      resulting encoded LDAP filter.
      &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
    &amp;lt;/li&amp;gt;

    &amp;lt;li&amp;gt;
      Updated the logic that the LDAP SDK uses in the in-memory directory server and
      the ldifsearch tool to pare matching entries based on a set of requested
      attributes in the in-memory.  If an entry included an attribute with an invalid
      name, then the logic used to parse an attribute description into the base
      attribute type name and a set of attribute options would result in a null pointer
      exception.  It now uses more lenient logic for parsing attribute descriptions,

... (truncated)

Commits
  • 8b21d0a Improve ldapsearch/ldapmodify --proxyAs handling
  • eb22dc8 Add a release note about dropping Java 7 support
  • 75aea3f Avoid a NullPointerException in SearchEntryParer
  • f485f6a Add size unit enums
  • 3dad7ef Add JSONBuffer.appendField
  • c93253d TimestampArgument support for RFC 3339
  • 42a4d40 Add support for post-LDIF-export task processors
  • a2d25c2 Better handle empty comps in substring filters
  • 3dd7837 Post-6.0.10 updates
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [com.unboundid:unboundid-ldapsdk](https://github.com/pingidentity/ldapsdk) from 6.0.10 to 6.0.11.
- [Release notes](https://github.com/pingidentity/ldapsdk/releases)
- [Changelog](https://github.com/pingidentity/ldapsdk/blob/master/docs/release-notes.html)
- [Commits](pingidentity/ldapsdk@6.0.10...6.0.11)

---
updated-dependencies:
- dependency-name: com.unboundid:unboundid-ldapsdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Dec 1, 2023
@github-actions github-actions bot added ignore-for-release size/XS PR with minimal changes labels Dec 1, 2023
@HorizonNet HorizonNet self-assigned this Dec 1, 2023
Copy link

sonarqubecloud bot commented Dec 1, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@HorizonNet HorizonNet merged commit eda7e34 into main Dec 1, 2023
16 checks passed
@HorizonNet HorizonNet deleted the dependabot/gradle/com.unboundid-unboundid-ldapsdk-6.0.11 branch December 1, 2023 12:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file ignore-for-release java Pull requests that update Java code size/XS PR with minimal changes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant