Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
deps: update dependency org.json:json to v20231013 [security] (#2278)
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.json:json](https://togithub.com/douglascrockford/JSON-java) | `20230618` -> `20231013` | [![age](https://developer.mend.io/api/mc/badges/age/maven/org.json:json/20231013?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/org.json:json/20231013?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/org.json:json/20230618/20231013?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/org.json:json/20230618/20231013?slim=true)](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2023-5072](https://nvd.nist.gov/vuln/detail/CVE-2023-5072) Denial of Service in JSON-Java versions prior to 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. --- ### Release Notes <details> <summary>douglascrockford/JSON-java (org.json:json)</summary> ### [`v20231013`](https://togithub.com/stleary/JSON-java/releases/tag/20231013) [Compare Source](https://togithub.com/douglascrockford/JSON-java/compare/20230618...20231013) | Pull Request | Description | |-----|-----| |[#​793](https://togithub.com/douglascrockford/JSON-java/issues/793)| Reverted [#​761](https://togithub.com/douglascrockford/JSON-java/issues/761)| |[#​792](https://togithub.com/douglascrockford/JSON-java/issues/792)| update the docs for release [`2023101`](https://togithub.com/douglascrockford/JSON-java/commit/20231013)| |[#​783](https://togithub.com/douglascrockford/JSON-java/issues/783) |optLong vs getLong inconsistencies| |[#​782](https://togithub.com/douglascrockford/JSON-java/issues/782)| Fix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows| |[#​779](https://togithub.com/douglascrockford/JSON-java/issues/779) |add validity check for JSONObject constructors| |[#​778](https://togithub.com/douglascrockford/JSON-java/issues/778) |Fix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows| |[#​776](https://togithub.com/douglascrockford/JSON-java/issues/776) |Update \[JUnit to version 4.13.2| |[#​774](https://togithub.com/douglascrockford/JSON-java/issues/774) |Removing unneeded synchronization| |[#​773](https://togithub.com/douglascrockford/JSON-java/issues/773) |Add optJSONArray method to JSONObject with a default value| |[#​772](https://togithub.com/douglascrockford/JSON-java/issues/772) |Disallow nested objects and arrays as keys in objects| |[#​779](https://togithub.com/douglascrockford/JSON-java/issues/779) |Unit test cleanup| |[#​769](https://togithub.com/douglascrockford/JSON-java/issues/769) |Addressed Java 17 compile warnings| |[#​764](https://togithub.com/douglascrockford/JSON-java/issues/764)| Update CodeQL action version| |[#​761](https://togithub.com/douglascrockford/JSON-java/issues/761) |Add module-info| |[#​759](https://togithub.com/douglascrockford/JSON-java/issues/759) |JSON parsing should detect embedded | |[#​753](https://togithub.com/douglascrockford/JSON-java/issues/753)| Updated new object methods| |[#​752](https://togithub.com/douglascrockford/JSON-java/issues/752)|Fixes possible unit test bug when compiling/testing on Windows| </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/googleapis/java-bigquerystorage). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xOS4yIiwidXBkYXRlZEluVmVyIjoiMzcuMTkuMiIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->
- Loading branch information