Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump scala-compiler from 2.8.1 to 2.10.7 in /alvisae-ws #5

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Mar 2, 2020

Bumps scala-compiler from 2.8.1 to 2.10.7.

Release notes

Sourced from scala-compiler's releases.

Scala 2.10.7 is a maintenance release to bring (partial) Java 9 support to the sbt 0.13 series. A total of three pending backports were merged.

This release addresses (#6128) a privilege escalation vulnerability that was identified in the Scala compilation daemon CVE-2017-15288.

We strongly encourage you to upgrade to the latest stable version of Scala 2.12.x, as the 2.10.x series is no longer actively maintained.

There is a known bug on Java 9 involving the repl: the workaround is to launch it as scala -nobootcp.

More information about the Scala 2.10 series is available in the release notes for Scala 2.10.4. A few more bugs were fixed since then in 2.10.5.

Scala 2.10.6 resolves a license incompatibility in scala.util.Sorting, but is otherwise identical to Scala 2.10.5. A total of three pending backports were merged.

We strongly encourage you to upgrade to the latest stable version of Scala 2.11.x, as the 2.10.x series is no longer actively maintained.

Scala IDE

The current release of Scala IDE supports any 2.10.x release, and is available on the download site.

Release Notes for the Scala 2.10 Series

The release notes for the Scala 2.10 series, which also apply to the current minor release, are available in the release notes for Scala 2.10.4. They contain important information such as:

  • The specification of binary compatibility between minor releases.
  • Details on new features, important changes and deprecations in Scala 2.10.

Scala 2.10.4

The release is available for download from scala-lang.org or from Maven Central.

Scala IDE for Eclipse

The Scala IDE with this release built right in is available through the following update-site for Eclipse 4.2/4.3 (Juno/Kepler):

  • Development version (Scala IDE 3.0.3-rc3 on Scala 2.10.4)
  • Stable version (will have 2.10.4 as soon as Scala IDE 3.0.3-vfinal is released)

Have a look at the getting started guide for more info.

New features in the 2.10 series

Since 2.10.4 is strictly a bug-fix release, here's an overview of the most prominent new features and improvements as introduced in 2.10.0:

... (truncated)
Commits
  • 89e57bc Merge pull request #6113 from retronym/backport/reflection
  • 4b84876 Move ASM sources back to the original location
  • 2ae75e9 Fixup cherrypick of test case
  • 7e1a4b9 Add MiMa whitelist entries
  • efbd9d5 Limit use of java file manager to JDK 9
  • cd36647 Static calls to interfaces are only allowed with 1.8 classfiles
  • 69b79ba Support -target:jvm1.8, needed to call static methods on Java interfaces
  • c3d8750 Update to scala-asm v5.2.0-scala-2
  • 9ad4757 [backport] SI-9393 fix modifiers of Java annotations
  • ac0c3fc Backport suport for Java 9 platform classpath
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants