Merge branch 'master' into dependabot/maven/com.google.protobuf-proto…

…buf-java-3.25.1
awslabs · Dec 2, 2023 · d3c565b · d3c565b
2 parents 690fbac + 58f079c
commit d3c565b
Show file tree

Hide file tree

Showing 9 changed files with 35 additions and 21 deletions.
diff --git a/.github/workflows/auto-approve.yml b/.github/workflows/auto-approve.yml
@@ -1,21 +1,35 @@
-name: Dependabot auto-approve
-on: pull_request
+name: Dependabot reviewer
+
+on: pull_request_target
 
 permissions:
   pull-requests: write
+  contents: write
 
 jobs:
-  dependabot:
+  review-dependabot-pr:
     runs-on: ubuntu-latest
-    if: github.actor == 'dependabot[bot]'
+    if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }}
     steps:
       - name: Dependabot metadata
-        id: metadata
+        id: dependabot-metadata
         uses: dependabot/fetch-metadata@v1
-        with:
-          github-token: "${{ secrets.GITHUB_TOKEN }}"
-      - name: Approve a PR
-        run: gh pr review --approve "$PR_URL"
+      - name: Enable auto-merge for Dependabot PRs
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+      - name: Approve patch and minor updates
+        if: ${{steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch' || steps.dependabot-metadata.outputs.update-type == 'version-update:semver-minor'}}
+        run: gh pr review $PR_URL --approve -b "I'm **approving** this pull request because **it includes a patch or minor update**"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+      - name: Comment on major updates of non-development dependencies
+        if: ${{steps.dependabot-metadata.outputs.update-type == 'version-update:semver-major'}}
+        run: |
+          gh pr comment $PR_URL --body "I'm **not approving** this PR because **it includes a major update of a dependency**"
+          gh pr edit $PR_URL --add-label "requires-manual-qa"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}
           GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
diff --git a/athena-cloudera-impala/pom.xml b/athena-cloudera-impala/pom.xml
@@ -65,7 +65,7 @@
         <dependency>
             <groupId>com.github.spotbugs</groupId>
             <artifactId>spotbugs-annotations</artifactId>
-            <version>4.8.0</version>
+            <version>4.8.2</version>
             <scope>compile</scope>
         </dependency>
     </dependencies>

diff --git a/athena-db2-as400/pom.xml b/athena-db2-as400/pom.xml
@@ -31,7 +31,7 @@
         <dependency>
             <groupId>net.sf.jt400</groupId>
             <artifactId>jt400</artifactId>
-            <version>20.0.3</version>
+            <version>20.0.6</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/com.amazonaws/aws-java-sdk-rds -->
         <dependency>

diff --git a/athena-db2/pom.xml b/athena-db2/pom.xml
@@ -31,7 +31,7 @@
         <dependency>
             <groupId>com.ibm.db2</groupId>
             <artifactId>jcc</artifactId>
-            <version>11.5.8.0</version>
+            <version>11.5.9.0</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/com.amazonaws/aws-java-sdk-rds -->
         <dependency>

diff --git a/athena-google-bigquery/pom.xml b/athena-google-bigquery/pom.xml
@@ -75,7 +75,7 @@
         <dependency>
             <groupId>nl.jqno.equalsverifier</groupId>
             <artifactId>equalsverifier</artifactId>
-            <version>3.15.2</version>
+            <version>3.15.4</version>
             <scope>test</scope>
         </dependency>
         <dependency>

diff --git a/athena-jdbc/pom.xml b/athena-jdbc/pom.xml
@@ -112,7 +112,7 @@
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-text</artifactId>
-            <version>1.10.0</version>
+            <version>1.11.0</version>
         </dependency>
         <dependency>
             <groupId>org.antlr</groupId>
@@ -211,7 +211,7 @@
         <dependency>
             <groupId>com.github.spotbugs</groupId>
             <artifactId>spotbugs-annotations</artifactId>
-            <version>4.8.0</version>
+            <version>4.8.2</version>
             <scope>compile</scope>
         </dependency>
     </dependencies>

diff --git a/athena-neptune/pom.xml b/athena-neptune/pom.xml
@@ -61,7 +61,7 @@
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-text</artifactId>
-            <version>1.10.0</version>
+            <version>1.11.0</version>
         </dependency>
         <dependency>
             <groupId>org.apache.commons</groupId>

diff --git a/athena-redis/pom.xml b/athena-redis/pom.xml
@@ -106,7 +106,7 @@
         <dependency>
             <groupId>io.lettuce</groupId>
             <artifactId>lettuce-core</artifactId>
-            <version>6.2.6.RELEASE</version>
+            <version>6.3.0.RELEASE</version>
         </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>

diff --git a/pom.xml b/pom.xml
@@ -17,18 +17,18 @@
         <aws.lambda-java-core.version>1.2.2</aws.lambda-java-core.version>
         <aws.lambda-java-log4j2.version>1.5.1</aws.lambda-java-log4j2.version>
         <aws-cdk.version>1.204.0</aws-cdk.version>
-        <jsii.version>1.90.0</jsii.version>
+        <jsii.version>1.92.0</jsii.version>
         <slf4j-log4j.version>2.0.9</slf4j-log4j.version>
         <mockito.version>4.11.0</mockito.version>
         <junit.version>4.13.2</junit.version>
         <jqwik.version>1.8.1</jqwik.version>
         <assertj.version>3.24.2</assertj.version>
         <testng.version>7.8.0</testng.version>
-        <fasterxml.jackson.version>2.15.3</fasterxml.jackson.version>
+        <fasterxml.jackson.version>2.16.0</fasterxml.jackson.version>
         <surefire.failsafe.version>3.2.2</surefire.failsafe.version>
         <log4j2Version>2.21.1</log4j2Version>
         <apache.arrow.version>13.0.0</apache.arrow.version>
-        <netty.version>4.1.100.Final</netty.version>
+        <netty.version>4.1.101.Final</netty.version>
         <guava.version>32.1.3-jre</guava.version>
         <protobuf3.version>3.25.1</protobuf3.version>
         <antlr.st4.version>4.3.4</antlr.st4.version>
@@ -51,7 +51,7 @@
             <dependency>
                 <groupId>org.junit</groupId>
                 <artifactId>junit-bom</artifactId>
-                <version>5.10.0</version>
+                <version>5.10.1</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>