SUSE-RU-2024:1764-2: moderate: Recommended update for jackson
SLE-UPDATES
null at suse.de
Wed Aug 28 16:30:20 UTC 2024
# Recommended update for jackson
Announcement ID: SUSE-RU-2024:1764-2
Rating: moderate
References:
Affected Products:
* openSUSE Leap 15.6
An update that can now be installed.
## Description:
This update for jackson fixes the following issues:
jackson-annotations was upgraded to version 2.16.1:
* Added new OptBoolean valued property in @JsonTypeInfo to allow per-type
configuration of strict type id handling
* Allow per-type configuration of strict type id handling
* Added JsonTypeInfo.Value object (backport from 3.0)
* Added new JsonTypeInfo.Id.SIMPLE_NAME
jackson-bom was upgraded to version 2.16.1:
* Added dependency for jackson-module-android-record. This new module offers
support for Record type on Android platform, where Java records are
supported through "de-sugaring"
jackson-core was upgraded to version 2.16.1:
* NPE in Version.equals() if snapshot-info null
* NPE in "FastDoubleParser", method "JavaBigDecimalParser.parseBigDecimal()"
* JsonPointer.append(JsonPointer.tail()) includes the original pointer
* Change StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION default to false in
Jackson 2.16
* Improve error message for StreamReadConstraints violations
* JsonFactory implementations should respect CANONICALIZE_FIELD_NAMES
* Root cause for failing test for testMangledIntsBytes() in
ParserErrorHandlingTest
* Allow all array elements in JsonPointerBasedFilter
* Indicate explicitly blocked sources as "REDACTED" instead of "UNKNOWN" in
JsonLocation
* Start using AssertJ in unit tests
* Allow configuring spaces before and/or after the colon in
DefaultPrettyPrinter (for Canonical JSON)
* Add configurable limit for the maximum number of bytes/chars of content to
parse before failing
* Add configurable limit for the maximum length of Object property names to
parse before failing
* Add configurable processing limits for JSON generator
(StreamWriteConstraints)
* Compare _snapshotInfo in Version
* Add JsonGeneratorDecorator to allow decorating JsonGenerators
* Add full set of BufferRecyclerPool implementations
* Add configurable error report behavior via ErrorReportConfiguration
* Make ByteSourceJsonBootstrapper use StringReader for < 8KiB byte[] inputs
* Allow pluggable buffer recycling via new RecyclerPool extension point
* Change parsing error message to mention -INF
jackson-databind was upgraded to version 2.16.1:
* JsonSetter(contentNulls = FAIL) is ignored in delegating @JsonCreator
argument
* Primitive array deserializer not being captured by DeserializerModifier
* JsonNode.findValues() and findParents() missing expected values in 2.16.0
* Incorrect deserialization for BigDecimal numbers
* Add a way to configure caches Jackson uses
* Mix-ins do not work for Enums
* Map deserialization results in different numeric classes based on json
ordering (BigDecimal / Double) when used in combination with @JsonSubTypes
* Generic class with generic field of runtime type Double is deserialized as
BigDecimal when used with @JsonTypeInfo and
JsonTypeInfo.As.EXISTING_PROPERTY
* Combination of @JsonUnwrapped and @JsonAnySetter results in BigDecimal
instead of Double
* @JsonIgnoreProperties not working with @JsonValue
* Deprecated JsonNode.with(String) suggests using JsonNode.withObject(String)
but it is not the same thing
* Difference in the handling of ObjectId-property inJsonIdentityInfo depending
on the deserialization route
* Add new OptBoolean valued property in @JsonTypeInfo, handling, to allow per-
polymorphic type loose Type Id handling
* Fixed regression in 2.15.0 that reaks deserialization for records when
mapper.setVisibility(PropertyAccessor.ALL, Visibility.NONE)
* Incorrect target type when disabling coercion, trying to deserialize String
from Array/Object
* @JsonProperty on constructor parameter changes default field serialization
order
* Create new JavaType subtype IterationType (extending SimpleType)
* Use JsonTypeInfo.Value for annotation handling
* Add JsonNodeFeature.WRITE_PROPERTIES_SORTED for sorting ObjectNode
properties on serialization (for Canonical JSON)
* Optimize ObjectNode findValue(s) and findParent(s) fast paths
* Locale "" is deserialised as null if ACCEPT_EMPTY_STRING_AS_NULL_OBJECT is
enabled
* Add guardrail setting for TypeParser handling of type parameters
* Use @JsonProperty for Enum values also when READ_ENUMS USING_TO_STRING
enabled
* Fix Enum deserialization to use @JsonProperty, @JsonAlias even if
EnumNamingStrategy used
* Use @JsonProperty and lowercase feature when serializing Enums despite using
toString()
* Use @JsonProperty over EnumNamingStrategy for Enum serialization
* Actually cache EnumValues#internalMap
* ObjectMapper.valueToTree() will ignore the configuration
SerializationFeature.WRAP_ROOT_VALUE
* Provide the "ObjectMapper.treeToValue(TreeNode, TypeReference)" method
* Expose NativeImageUtil.isRunningInNativeImage() method
* Add JsonTypeInfo.Id.SIMPLE_NAME which defaults type id to
Class.getSimpleName()
* Impossible to deserialize custom Throwable sub-classes that do not have
single-String constructors
* java.desktop module is no longer optional
* ClassUtil fails with java.lang.reflect.InaccessibleObjectException trying to
setAccessible on OptionalInt with JDK 17+
* Support sequenced collections (JDK 21)
* Add withObjectProperty(String), withArrayProperty(String) in JsonNode
* Change JsonNode.withObject(String) to work similar to withArray() wrt
argument
* Log WARN if deprecated subclasses of PropertyNamingStrategy is used
* NPE when transforming a tree to a model class object, at
ArrayNode.elements()
* Deprecated ObjectReader.withType(Type) has no direct replacement; need
forType(Type)
* Add new DefaultTyping.NON_FINAL_AND_ENUMS to allow Default Typing for Enums
* Do not rewind position when serializing direct ByteBuffer
* Exception when deserialization of private record with default constructor
* BeanDeserializer updates currentValue incorrectly when deserialising empty
Object
jackson-dataformats-binary was upgraded to version 2.16.1:
* (ion) NullPointerException in IonParser.nextToken()
* (smile) Remove Smile-specific buffer-recycling
jackson-modules-base was upgraded to version 2.16.1:
* (afterburner) Disable when running in native-image
* (afterburner) IncompatibleClassChangeError when deserializing a class
implementing an interface with default get/set implementations
* (blackbird) BlackBird proxy object error in Java 17
* (blackbird) Disable when running in native-image
* (guice) Add guice7 (jakarta.inject) module
jackson-parent was upgraded to version 2.16:
* Upgrade to oss-parent 56 (tons of plugin updates to resolve Maven warnings,
new Moditect plugin)
jackson-parent, fasterxml-oss-parent:
* Added to SUSE Manager 4.3 as it is needed by `jackson-modules-base`
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1764=1
## Package List:
* openSUSE Leap 15.6 (noarch)
* jackson-module-mrbean-2.16.1-150200.5.11.1
* jackson-annotations-javadoc-2.16.1-150200.3.14.4
* jackson-dataformat-cbor-2.16.1-150200.3.13.6
* jackson-core-2.16.1-150200.3.14.7
* jackson-dataformats-binary-javadoc-2.16.1-150200.3.13.6
* jackson-dataformats-binary-2.16.1-150200.3.13.6
* jackson-module-paranamer-2.16.1-150200.5.11.1
* jackson-module-jaxb-annotations-2.16.1-150200.5.11.1
* jackson-modules-base-2.16.1-150200.5.11.1
* fasterxml-oss-parent-38-150200.3.2.1
* jackson-modules-base-javadoc-2.16.1-150200.5.11.1
* jackson-module-no-ctor-deser-2.16.1-150200.5.11.1
* jackson-core-javadoc-2.16.1-150200.3.14.7
* jackson-bom-2.16.1-150200.3.11.1
* jackson-dataformat-smile-2.16.1-150200.3.13.6
* jackson-module-guice-2.16.1-150200.5.11.1
* jackson-module-blackbird-2.16.1-150200.5.11.1
* jackson-parent-2.16-150200.3.10.1
* jackson-databind-2.16.1-150200.3.18.1
* jackson-databind-javadoc-2.16.1-150200.3.18.1
* jackson-module-osgi-2.16.1-150200.5.11.1
* jackson-annotations-2.16.1-150200.3.14.4
* jackson-module-afterburner-2.16.1-150200.5.11.1
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20240828/4a0159b3/attachment.htm>
More information about the sle-updates
mailing list