Skip to content

Bump zip4j from 2.3.0 to 2.7.0#208

Open
dependabot-preview[bot] wants to merge 1 commit intomasterfrom
dependabot/maven/net.lingala.zip4j-zip4j-2.7.0
Open

Bump zip4j from 2.3.0 to 2.7.0#208
dependabot-preview[bot] wants to merge 1 commit intomasterfrom
dependabot/maven/net.lingala.zip4j-zip4j-2.7.0

Conversation

@dependabot-preview
Copy link
Copy Markdown
Contributor

@dependabot-preview dependabot-preview bot commented Feb 15, 2021

Bumps zip4j from 2.3.0 to 2.7.0.

Release notes

Sourced from zip4j's releases.

v2.7.0

New Features:

  • #216 Set buffer size from ZipFile
  • #278 Option to skip extracting symlinks when extracting zip files

Improvements:

  • #256 Improve message in exception for EncryptionMethod.ZIP_STANDARD_VARIANT_STRONG
  • #266 Change default unix permissions to 644

Bugs:

  • #259 Fix bug when charset is explicitly set to utf-8
  • #263 ZipFile can be constructed with a null File causing NPE some time later
  • #268 File attributes of zipped folders are not applied on extraction
  • #274 Consider external file attributes as well to set directory flag
  • #279 Skip reading until end of entry only for files when data descriptor is set
  • #282 Convert password to utf-8 before encrypting
  • #284 Improve password verification for Zip Standard decryption

v2.6.4

Improvements:

#239 Check if file exists before adding the file to zip #249 Bump junit from 4.12 to 4.13.1 #250 Use Collections.sort instead of List.sort for older Android version compatibility

Bug fixes:

#246 Can't create big archive when zipFile reference not reinitialized

v2.6.3

Improvements:

#241 Switch to SecureRandom for encryption randomness

v2.6.2

Improvements:

Bug:

  • #204 Thread for unzipping does not exit when run in another thread
  • #220 Fix entry deletion issue when central directory entries are in different order than local entries
  • #228 Handle Strong encryption with proper error message
  • #231 Missing unix permissions when adding file via stream

... (truncated)

Commits
  • bc352fb Release v2.7.0
  • 7eebad3 #281 Add more info to exception message
  • 2086796 #284 Improve password verification for Zip Standard decryption
  • cfbf1c4 Revert "Improve password verification during Zip Standard decryption"
  • fd4a7c3 #216 Allow buffer size to be configured
  • a59f424 #256 Meaningful exception message for zip strong encryption
  • 197fca0 Improve password verification during Zip Standard decryption
  • 7447ea6 #263 Throw IllegalArgumentException when zip file parameter is null
  • 1e98d3e #259 Fix bug when charset is explicitly set to utf-8
  • 5df4491 #266 Change default unix permissions from 600 to 644
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

@dependabot-preview
Bump zip4j from 2.3.0 to 2.7.0
a91daa0 
Bumps [zip4j](https://github.com/srikanth-lingala/zip4j) from 2.3.0 to 2.7.0.
- [Release notes](https://github.com/srikanth-lingala/zip4j/releases)
- [Commits](srikanth-lingala/zip4j@v2.3.0...v2.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview dependabot-preview bot mentioned this pull request Feb 15, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants