Skip to content

deps: update dependency org.apache.commons:commons-lang3 to v3.18.0 [security] #2139

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 28, 2025
Merged

deps: update dependency org.apache.commons:commons-lang3 to v3.18.0 [security] #2139

merged 1 commit into from
Jul 28, 2025

Conversation

@renovate-bot
Copy link
Contributor

@renovate-bot renovate-bot commented Jul 12, 2025

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.apache.commons:commons-lang3 (source) 3.17.0 -> 3.18.0 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2025-48924

Uncontrolled Recursion vulnerability in Apache Commons Lang.

This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0.

The methods ClassUtils.getClass(...) can throw StackOverflowError on very long inputs. Because an Error is usually not handled by applications and libraries, a StackOverflowError could cause an application to stop.

Users are recommended to upgrade to version 3.18.0, which fixes the issue.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate-bot renovate-bot requested review from a team as code owners July 12, 2025 01:33
@product-auto-label product-auto-label bot added size: xs Pull request size is extra small. api: spanner Issues related to the googleapis/java-spanner-jdbc API. labels Jul 12, 2025
@dpebot
Copy link

dpebot commented Jul 12, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch from 9a67d67 to 8a4076d Compare July 12, 2025 01:37
@dpebot
Copy link

dpebot commented Jul 12, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch from 8a4076d to b3b1939 Compare July 12, 2025 06:44
@dpebot
Copy link

dpebot commented Jul 12, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch from b3b1939 to fd5401d Compare July 12, 2025 08:40
@dpebot
Copy link

dpebot commented Jul 12, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch from fd5401d to 744d76c Compare July 12, 2025 14:47
@dpebot
Copy link

dpebot commented Jul 12, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch from 744d76c to 78e40c3 Compare July 12, 2025 18:12
@dpebot
Copy link

dpebot commented Jul 12, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch from 78e40c3 to fab23f1 Compare July 12, 2025 21:09
@dpebot
Copy link

dpebot commented Jul 12, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 27, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch from 7e55ae5 to cbbe907 Compare July 27, 2025 13:52
@dpebot
Copy link

dpebot commented Jul 27, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 27, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 27, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch from cbbe907 to 8613e5c Compare July 27, 2025 18:46
@dpebot
Copy link

dpebot commented Jul 27, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 27, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 27, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch from 8613e5c to 2b2995b Compare July 27, 2025 21:03
@dpebot
Copy link

dpebot commented Jul 27, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 27, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 27, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch from 2b2995b to 7d2f737 Compare July 28, 2025 03:15
@dpebot
Copy link

dpebot commented Jul 28, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 28, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 28, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch from 7d2f737 to 9ec7825 Compare July 28, 2025 06:31
@dpebot
Copy link

dpebot commented Jul 28, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 28, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 28, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch from 9ec7825 to 9f706a6 Compare July 28, 2025 08:41
@dpebot
Copy link

dpebot commented Jul 28, 2025

/gcbrun

@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 28, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 28, 2025
@olavloite olavloite merged commit a12e520 into googleapis:main Jul 28, 2025
24 checks passed
@release-please release-please bot mentioned this pull request Jul 28, 2025
Merged
@renovate-bot renovate-bot deleted the renovate/maven-org.apache.commons-commons-lang3-vulnerability branch July 28, 2025 09:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@olavloite olavloite olavloite approved these changes

Assignees

No one assigned

Labels

api: spanner Issues related to the googleapis/java-spanner-jdbc API. size: xs Pull request size is extra small.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@renovate-bot @dpebot @olavloite @yoshi-kokoro