From 2b7887d0bab1e0534f1616f3b64a28d7a57518d6 Mon Sep 17 00:00:00 2001
From: Mend Renovate <bot@renovateapp.com>
Date: Tue, 17 Oct 2023 21:28:19 +0200
Subject: [PATCH] deps: update dependency org.json:json to v20231013 [security]
 (#2278)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [org.json:json](https://togithub.com/douglascrockford/JSON-java) | `20230618` -> `20231013` | [![age](https://developer.mend.io/api/mc/badges/age/maven/org.json:json/20231013?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/org.json:json/20231013?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/org.json:json/20230618/20231013?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/org.json:json/20230618/20231013?slim=true)](https://docs.renovatebot.com/merge-confidence/) |

### GitHub Vulnerability Alerts

#### [CVE-2023-5072](https://nvd.nist.gov/vuln/detail/CVE-2023-5072)

Denial of Service  in JSON-Java versions prior to 20230618.  A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.

---

### Release Notes

<details>
<summary>douglascrockford/JSON-java (org.json:json)</summary>

### [`v20231013`](https://togithub.com/stleary/JSON-java/releases/tag/20231013)

[Compare Source](https://togithub.com/douglascrockford/JSON-java/compare/20230618...20231013)

| Pull Request | Description |
|-----|-----|
|[#&#8203;793](https://togithub.com/douglascrockford/JSON-java/issues/793)| Reverted [#&#8203;761](https://togithub.com/douglascrockford/JSON-java/issues/761)|
|[#&#8203;792](https://togithub.com/douglascrockford/JSON-java/issues/792)| update the docs for release [`2023101`](https://togithub.com/douglascrockford/JSON-java/commit/20231013)|
|[#&#8203;783](https://togithub.com/douglascrockford/JSON-java/issues/783) |optLong vs getLong inconsistencies| 
|[#&#8203;782](https://togithub.com/douglascrockford/JSON-java/issues/782)| Fix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows|
|[#&#8203;779](https://togithub.com/douglascrockford/JSON-java/issues/779) |add validity check for JSONObject constructors|
|[#&#8203;778](https://togithub.com/douglascrockford/JSON-java/issues/778) |Fix XMLTest.testIndentComplicatedJsonObjectWithArrayAndWithConfig() for Windows|
|[#&#8203;776](https://togithub.com/douglascrockford/JSON-java/issues/776) |Update \[JUnit to version 4.13.2|
|[#&#8203;774](https://togithub.com/douglascrockford/JSON-java/issues/774) |Removing unneeded synchronization|
|[#&#8203;773](https://togithub.com/douglascrockford/JSON-java/issues/773) |Add optJSONArray method to JSONObject with a default value|
|[#&#8203;772](https://togithub.com/douglascrockford/JSON-java/issues/772) |Disallow nested objects and arrays as keys in objects|
|[#&#8203;779](https://togithub.com/douglascrockford/JSON-java/issues/779) |Unit test cleanup|
|[#&#8203;769](https://togithub.com/douglascrockford/JSON-java/issues/769) |Addressed Java 17 compile warnings|
|[#&#8203;764](https://togithub.com/douglascrockford/JSON-java/issues/764)| Update CodeQL action version|
|[#&#8203;761](https://togithub.com/douglascrockford/JSON-java/issues/761) |Add module-info|
|[#&#8203;759](https://togithub.com/douglascrockford/JSON-java/issues/759) |JSON parsing should detect embedded |
|[#&#8203;753](https://togithub.com/douglascrockford/JSON-java/issues/753)| Updated new object methods|
|[#&#8203;752](https://togithub.com/douglascrockford/JSON-java/issues/752)|Fixes possible unit test bug when compiling/testing on Windows|

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/googleapis/java-bigquerystorage).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xOS4yIiwidXBkYXRlZEluVmVyIjoiMzcuMTkuMiIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index c4292a290e..a85dcf69f8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -118,7 +118,7 @@
       <dependency>
         <groupId>org.json</groupId>
         <artifactId>json</artifactId>
-        <version>20230618</version>
+        <version>20231013</version>
       </dependency>
 
 
