redis-cache icon indicating copy to clipboard operation
redis-cache copied to clipboard

Published 20 hours ago verified publisher icon mybatis

Bump kryo from 4.0.2 to 5.3.0

Open dependabot[bot] opened this issue 3 years ago • 0 comments

Bumps kryo from 4.0.2 to 5.3.0.

Release notes

Sourced from kryo's releases.

kryo-5.3.0

This is a maintenance release coming with bug fixes and performance improvements:

#872 Custom exception for buffer over/underflow (#874) #873 Set record component getter accessible (#875) #845 Performance improvements for maps (#876) #845 Use IdentityMap instead of CuckooObjectMap in class resolver (#877) #882 Catch LinkageError in addition to RTE when accessing fields via ASM (#883)

Other Tasks:

  • Enforce minimum maven version and update plugins and test dependencies

The full list of changes can be found here.

Many thanks to all contributors!

Upgrade Notes

This release brings performance improvements for Kryo's custom map implementations (#876). These improvements allowed us to change the map for resolving registrations in DefaultClassResolver from a CuckooObjectMap to an IdentityMap with 3-5% faster throughput (#877). CuckooObjectMap is now deprecated and will be removed in Kryo 6.

Kryo now throws dedicated exceptions in case of buffer under- or overflows (#872). If you currently parse the error message to check for these conditions, you can catch KryoBufferUnderflowException and KryoBufferOverflowException instead.

For migration from previous major versions please check out the migration guide. We're asking the community to help and contribute this part: please edit the migration wiki page as you encounter any information or issues that might help others.

Compatibility

  • Serialization compatible
    • Standard IO: Yes
    • Unsafe-based IO: Yes
  • Binary compatible - No (Details)
  • Source compatible - No (Details)

kryo-5.2.1

This is a maintenance release coming with bug fixes and improvements:

#834 Support skipping input chunks after a buffer underflow (#850) #865 Ensure empty PriorityQueue can be deserialized (#866) #870 Shade contents of source jar for versioned artifact

Other Tasks:

  • Migrate from Travis CI to GitHub Actions
  • Build and test with JDK 17

The full list of changes can be found here.

Many thanks to all contributors!

For migration from previous major versions please check out the migration guide. We're asking the community to help and contribute this part: please edit the migration wiki page as you encounter any information or issues that might help others.

Compatibility

  • Serialization compatible

... (truncated)

Commits
  • c91d75e [maven-release-plugin] prepare release kryo-parent-5.3.0
  • e7170a1 #882 Catch LinkageError in addition to RTE when accessing fields via ASM (#...
  • c3b16a6 #881 Add benchmark for measuring concurrent throughput
  • 9241663 Use IdentityMap instead of CuckooObjectMap in class resolver (#877)
  • b5d5443 Performance improvements for maps (#876)
  • 180729e Update copyright year to 2022
  • b1cb816 Custom exception for buffer over/underflow (#874)
  • 1304ec5 #873 Set record component getter accessible (#875)
  • acaf260 Enforce minimum maven version and update plugins and test dependencies
  • 9c55ea0 Update README for 5.2.1
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Feb 11 '22 13:02 dependabot[bot]