Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3 by dependabot[bot] · Pull Request #3335 · apache/maven-surefire (original) (raw)

Bumps org.fusesource.jansi:jansi from 2.4.2 to 2.4.3.

Release notes

Sourced from org.fusesource.jansi:jansi's releases.

jansi-2.4.3

⚠️ WARNING
This library is no longer maintained. It has been merged into org.jline:jansi.
Please update your dependencies to use org.jline:jansi instead.

Bug Fix

Fix native library loading failure on certain JDK/OS combinations (#317, #318)

JansiLoader.contentsEquals() compared full 8192-byte buffers instead of only the bytes actually read from each stream. On the final chunk, stale or overwritten bytes beyond the read count could cause a false "Content differs" mismatch, preventing the native library from loading. This was reported on Fedora with JDK 21 and affected Maven color output.

Other Changes

• Migrate deployment from oss.sonatype.org to central.sonatype.com
• Upgrade obsolete GHA versions
• Upgrade moditect-maven-plugin

Full Changelog: fusesource/jansi@jansi-2.4.2...jansi-2.4.3

Commits

• 9170132 [maven-release-plugin] prepare release jansi-2.4.3
• 1fd379a Migrate deployment from oss.sonatype.org to central.sonatype.com
• 300aa78 Fix native library loading failure caused by incorrect buffer comparison (#31...
• c20d88f Add deprecation notice (#312)
• 70186aa upgrade moditect-maven-plugin
• 05f9fc8 upgrade obsolete GHA versions
• 1d11a27 [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)