Skip to content

Bump org.mozilla:rhino from 1.8.0 to 1.9.0#172

Closed
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/maven/org.mozilla-rhino-1.9.0
Closed

Bump org.mozilla:rhino from 1.8.0 to 1.9.0#172
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/maven/org.mozilla-rhino-1.9.0

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Dec 23, 2025
edited
Loading

Bumps org.mozilla:rhino from 1.8.0 to 1.9.0.

Release notes

Sourced from org.mozilla:rhino's releases.

Rhino 1.9.0

This release represents about a year of work on Rhino by a growing team of contributors.

Some of the improvements include:

  • Compatibility improvements in areas like destructuring and spread syntax.
  • Performance improvements from 10 to 30% in benchmarks like Delta Blue, Earley-Boyer, and Crypto in both interpreted and compiled mode
  • Better support for generics and other things when Java integration is used.

Some other improvements:

JavaScript Language Updates:

  • ES6+: Significant advancements in destructuring, spread syntax for arrays/objects, Symbol API, and improved let/const scoping. TypedArray.from/of and BigInt.asUintN/asIntN fixes.
  • RegExp: New features like named capture groups, lookbehind assertions, and Unicode mode support.
  • Future ES (ES2024/2025): Early implementation of proposals such as Promise.withResolvers, Promise.try, ArrayBuffer transfer methods, and new Set methods.

Core Engine Enhancements:

  • Major Refactoring: Extensive migration of built-in objects to a lambda-based architecture and a comprehensive overhaul of the interpreter bytecodes for better performance and maintainability.
  • Concurrency & Interop: Continued focus on thread safety improvements and enhanced Java interoperability, including better generics support.

Going forward -- we have lots of plans for Rhino, including some changes that may affect compatibility for projects that embed Rhino into larger frameworks. We think that these changes will be worth it because they will unlock better language compatibility and performance.

As such, the next version going forward will be 2.0.0-SNAPSHOT.

16 different contributors gave their time and energy to Rhino 1.9.0.

Thanks to everyone who contributed!

New Contributors

Full Changelog: mozilla/rhino@Rhino1_8_0_Release...Rhino1_9_0_Release

... (truncated)

Changelog

Sourced from org.mozilla:rhino's changelog.

Rhino 1.9.0

December 22, 2025

This release represents about a year of work on Rhino by a growing team of contributors.

Some of the improvements include:

  • Compatibility improvements in areas like destructuring and spread syntax.
  • Performance improvements from 10 to 30% in benchmarks like Delta Blue, Earley-Boyer, and Crypto in both interpreted and compiled mode
  • Better support for generics and other things when Java integration is used.

Some other improvements:

JavaScript Language Updates:

  • ES6+: Significant advancements in destructuring, spread syntax for arrays/objects, Symbol API, and improved let/const scoping. TypedArray.from/of and BigInt.asUintN/asIntN fixes.
  • RegExp: New features like named capture groups, lookbehind assertions, and Unicode mode support.
  • Future ES (ES2024/2025): Early implementation of proposals such as Promise.withResolvers, Promise.try, ArrayBuffer transfer methods, and new Set methods.

Core Engine Enhancements:

  • Major Refactoring: Extensive migration of built-in objects to a lambda-based architecture and a comprehensive overhaul of the interpreter bytecodes for better performance and maintainability.
  • Concurrency & Interop: Continued focus on thread safety improvements and enhanced Java interoperability, including better generics support.

Going forward -- we have lots of plans for Rhino, including some changes that may affect compatibility for projects that embed Rhino into larger frameworks. We think that these changes will be worth it because they will unlock better language compatibility and performance.

As such, the next version going forward will be 2.0.0-SNAPSHOT.

Thanks to everyone who contributed!

Rhino 1.8.1, Rhino 1.7.15.1, Rhino 1.7.14.1

December 2, 2025

These releases fix a bug in the code that formats floating-point numbers into strings that could result in very bad performance in some cases.

We recommend that all users of Rhino upgrade to release 1.8.1 if possible, and upgrade to Java 17 or 21.

Users who need an older release, or who cannot yet leave Java 8, can also

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Dec 23, 2025
@dependabot
Bump org.mozilla:rhino from 1.8.0 to 1.9.0
32d0682 
Bumps [org.mozilla:rhino](https://github.com/mozilla/rhino) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/mozilla/rhino/releases)
- [Changelog](https://github.com/mozilla/rhino/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/mozilla/rhino/commits)

---
updated-dependencies:
- dependency-name: org.mozilla:rhino
  dependency-version: 1.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/maven/org.mozilla-rhino-1.9.0 branch from 01fb6f9 to 32d0682 Compare December 30, 2025 16:04
@MarkEWaite MarkEWaite closed this Jan 10, 2026
@MarkEWaite MarkEWaite deleted the dependabot/maven/org.mozilla-rhino-1.9.0 branch January 10, 2026 17:14
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Jan 10, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@MarkEWaite