Skip to content

chore(deps): bump com.amazon.ion:ion-java from 1.11.11 to 1.12.0#95

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/gradle/com.amazon.ion-ion-java-1.12.0
Open

chore(deps): bump com.amazon.ion:ion-java from 1.11.11 to 1.12.0#95
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/gradle/com.amazon.ion-ion-java-1.12.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps com.amazon.ion:ion-java from 1.11.11 to 1.12.0.

Release notes

Sourced from com.amazon.ion:ion-java's releases.

v1.12.0

What's Changed

  • Document symmetry-breaking equals. (#1122)
  • Bump github/codeql-action from 4.30.8 to 4.30.9. (#1131)
  • Bump the github-action-dependencies. (#1135)
  • Bump github/codeql-action from 4.31.0 to 4.31.2. (#1139)
  • Bump the github-action-dependencies. (#1144)
  • Fixes a binary write corruption bug introduced in 1.11.11. (#1150)
  • Fix missing benchmark comparison in GitHub step summary. (#1154)
  • Grow reader buffer incrementally and add GZIP opt-out. (#1153)
  • Optimize text read hot paths (+18.1% aggregate JMH). (#1151)
  • Improves IonContainer hashCode performance by ~30%. (#1156)

New Contributors

Full Changelog: amazon-ion/ion-java@v1.11.11...v1.12.0

Commits
  • fb91868 Prepare v1.12.0 release (#1157)
  • 12aac5d Improves IonContainer hashCode performance by ~30%. (#1156)
  • b864ca3 [IonJava] Optimize text read hot paths (+18.1% aggregate JMH) (#1151)
  • 4f33759 Grow reader buffer incrementally and add GZIP opt-out (#1153)
  • 7159685 Fix missing benchmark comparison in GitHub step summary (#1154)
  • a129203 Fixes a binary write corruption bug introduced in 1.11.11.
  • ba2328e Bump the github-action-dependencies group with 2 updates (#1144)
  • 0c0722f Bump github/codeql-action in the github-action-dependencies group
  • 7729d3d Bump the github-action-dependencies group with 3 updates
  • 812d154 Bump github/codeql-action in the github-action-dependencies group
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [com.amazon.ion:ion-java](https://github.com/amazon-ion/ion-java) from 1.11.11 to 1.12.0.
- [Release notes](https://github.com/amazon-ion/ion-java/releases)
- [Commits](amazon-ion/ion-java@v1.11.11...v1.12.0)

---
updated-dependencies:
- dependency-name: com.amazon.ion:ion-java
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependency-upgrade Dependency upgrade is needed label Jun 29, 2026
@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

📦 Artifacts

Name Size Updated Expiration
jar 2.97 MB Jun 29, 26, 2:06:39 PM UTC Jul 6, 26, 2:06:37 PM UTC

🛡 Trivy

Vulnerability in: Java

Vulnerability Severity Package Installed Version Fixed Version
CVE-2026-54512 HIGH com.fasterxml.jackson.core:jackson-databind 2.21.1 2.18.8, 3.1.4, 2.21.4
CVE-2026-54512 HIGH com.fasterxml.jackson.core:jackson-databind 2.21.1 2.18.8, 3.1.4, 2.21.4
CVE-2026-54512 HIGH com.fasterxml.jackson.core:jackson-databind 2.21.1 2.18.8, 3.1.4, 2.21.4
CVE-2026-54513 HIGH com.fasterxml.jackson.core:jackson-databind 2.21.1 2.18.8, 2.21.4, 3.1.4
CVE-2026-54513 HIGH com.fasterxml.jackson.core:jackson-databind 2.21.1 2.18.8, 2.21.4, 3.1.4
CVE-2026-54513 HIGH com.fasterxml.jackson.core:jackson-databind 2.21.1 2.18.8, 2.21.4, 3.1.4
CVE-2026-54514 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 2.18.8, 2.21.4, 3.1.4
CVE-2026-54514 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 2.18.8, 2.21.4, 3.1.4
CVE-2026-54514 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 2.18.8, 2.21.4, 3.1.4
CVE-2026-54515 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 3.1.4, 2.18.9, 2.21.5
CVE-2026-54515 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 3.1.4, 2.18.9, 2.21.5
CVE-2026-54515 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 3.1.4, 2.18.9, 2.21.5
CVE-2026-54516 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 2.21.4, 3.1.4
CVE-2026-54516 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 2.21.4, 3.1.4
CVE-2026-54516 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 2.21.4, 3.1.4
CVE-2026-54517 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 2.21.4, 3.1.4
CVE-2026-54517 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 2.21.4, 3.1.4
CVE-2026-54517 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 2.21.4, 3.1.4
CVE-2026-54518 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 2.21.4
CVE-2026-54518 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 2.21.4
CVE-2026-54518 MEDIUM com.fasterxml.jackson.core:jackson-databind 2.21.1 2.21.4

🧪 Java Unit Tests

TestsPassed ✅Skipped ⚠️FailedTime ⏱
Java Tests Report144 ran143 ✅1 ⚠️0 ❌49s 635ms

🔁 Unreleased Commits

✅ No unreleased commits found.

@github-actions

Copy link
Copy Markdown
Contributor

Tests report quick summary:

success ✅ > tests: 144, success: 143, skipped: 1, failed: 0

unfold for details
Project Status Success Skipped Failed
plugin-transform-grok success ✅ 20 0 0
plugin-transform-json success ✅ 16 0 0
plugin-transform-records success ✅ 107 1 0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependency-upgrade Dependency upgrade is needed

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants