From 879824ce545e4fb103951186321ff5293593aa4b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 06:49:42 -0400 Subject: [PATCH 1/2] Bump org.apache.httpcomponents.core5:httpcore5-h2 from 5.4.1 to 5.4.2 in /java-client (#1919) * Bump org.apache.httpcomponents.core5:httpcore5-h2 in /java-client Bumps [org.apache.httpcomponents.core5:httpcore5-h2](https://github.com/apache/httpcomponents-core) from 5.4.1 to 5.4.2. - [Changelog](https://github.com/apache/httpcomponents-core/blob/rel/v5.4.2/RELEASE_NOTES.txt) - [Commits](https://github.com/apache/httpcomponents-core/compare/rel/v5.4.1...rel/v5.4.2) --- updated-dependencies: - dependency-name: org.apache.httpcomponents.core5:httpcore5-h2 dependency-version: 5.4.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Update changelog Signed-off-by: dependabot[bot] --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- CHANGELOG.md | 1 + java-client/build.gradle.kts | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 26fead9ba..abdc77273 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) - Bump `org.owasp.dependencycheck` from 12.1.3 to 12.2.0 ([#1735](https://github.com/opensearch-project/opensearch-java/pull/1735), [#1742](https://github.com/opensearch-project/opensearch-java/pull/1742), [#1754](https://github.com/opensearch-project/opensearch-java/pull/1754), [#1765](https://github.com/opensearch-project/opensearch-java/pull/1765), [#1796](https://github.com/opensearch-project/opensearch-java/pull/1796), [#1854](https://github.com/opensearch-project/opensearch-java/pull/1854)) - Bump `com.carrotsearch.randomizedtesting:randomizedtesting-runner` from 2.8.3 to 2.8.4 ([#1882](https://github.com/opensearch-project/opensearch-java/pull/1882)) - Bump `com.github.jk1.dependency-license-report` from 3.0.1 to 3.1.1 ([#1895](https://github.com/opensearch-project/opensearch-java/pull/1895), [#1896](https://github.com/opensearch-project/opensearch-java/pull/1896)) +- Bump `org.apache.httpcomponents.core5:httpcore5-h2` from 5.4.1 to 5.4.2 ([#1919](https://github.com/opensearch-project/opensearch-java/pull/1919)) ### Added diff --git a/java-client/build.gradle.kts b/java-client/build.gradle.kts index 7ee35ecce..ce42fd9b4 100644 --- a/java-client/build.gradle.kts +++ b/java-client/build.gradle.kts @@ -194,8 +194,8 @@ dependencies { api("org.apache.httpcomponents.client5:httpclient5:5.6") { exclude(group = "org.apache.httpcomponents.core5") } - api("org.apache.httpcomponents.core5:httpcore5:5.4.1") - api("org.apache.httpcomponents.core5:httpcore5-h2:5.4.1") + api("org.apache.httpcomponents.core5:httpcore5:5.4.2") + api("org.apache.httpcomponents.core5:httpcore5-h2:5.4.2") // Apache 2.0 // https://search.maven.org/artifact/com.google.code.findbugs/jsr305 From c16f50f5c6c69e18406e501a2f22b24d29742fbc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 09:59:13 -0400 Subject: [PATCH 2/2] Bump commons-logging:commons-logging from 1.3.5 to 1.3.6 (#1922) * Bump commons-logging:commons-logging from 1.3.5 to 1.3.6 Bumps [commons-logging:commons-logging](https://github.com/apache/commons-logging) from 1.3.5 to 1.3.6. - [Changelog](https://github.com/apache/commons-logging/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-logging/compare/rel/commons-logging-1.3.5...rel/commons-logging-1.3.6) --- updated-dependencies: - dependency-name: commons-logging:commons-logging dependency-version: 1.3.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Update changelog Signed-off-by: dependabot[bot] --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- CHANGELOG.md | 1 + java-client/build.gradle.kts | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index abdc77273..f0ad36a61 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) - Bump `com.carrotsearch.randomizedtesting:randomizedtesting-runner` from 2.8.3 to 2.8.4 ([#1882](https://github.com/opensearch-project/opensearch-java/pull/1882)) - Bump `com.github.jk1.dependency-license-report` from 3.0.1 to 3.1.1 ([#1895](https://github.com/opensearch-project/opensearch-java/pull/1895), [#1896](https://github.com/opensearch-project/opensearch-java/pull/1896)) - Bump `org.apache.httpcomponents.core5:httpcore5-h2` from 5.4.1 to 5.4.2 ([#1919](https://github.com/opensearch-project/opensearch-java/pull/1919)) +- Bump `commons-logging:commons-logging` from 1.3.5 to 1.3.6 ([#1922](https://github.com/opensearch-project/opensearch-java/pull/1922)) ### Added diff --git a/java-client/build.gradle.kts b/java-client/build.gradle.kts index ce42fd9b4..5ec31476b 100644 --- a/java-client/build.gradle.kts +++ b/java-client/build.gradle.kts @@ -183,7 +183,7 @@ dependencies { val jacksonDatabindVersion = "2.20.1" // Apache 2.0 - api("commons-logging:commons-logging:1.3.5") + api("commons-logging:commons-logging:1.3.6") compileOnly("org.opensearch.client", "opensearch-rest-client", opensearchVersion) testImplementation("org.hamcrest:hamcrest:3.0") testImplementation("com.carrotsearch.randomizedtesting:randomizedtesting-runner:2.8.4") {