Bump com.maxmind.geoip2:geoip2 from 5.0.2 to 5.1.0

[dependabot]

Bumps com.maxmind.geoip2:geoip2 from 5.0.2 to 5.1.0.

Release notes

Sourced from com.maxmind.geoip2:geoip2's releases.

5.1.0

• Updated maxmind-db dependency to 4.1.0. This release fixes an issue with unbounded off-heap memory growth when using FileMode.MEMORY and a latent short-read bug when loading databases larger than 2GB into memory.
• Added WebServiceClient.Builder.maxRetries(int) to bound transport-failure retries (default 1; set 0 to disable). See the README for retry semantics. Behavior change: previously, transient transport failures (connection reset, broken pipe, etc.) surfaced to callers immediately. They are now retried once by default; pass .maxRetries(0) to restore the prior behavior.

Changelog

Sourced from com.maxmind.geoip2:geoip2's changelog.

5.1.0 (2026-05-12)

• Updated maxmind-db dependency to 4.1.0. This release fixes an issue with unbounded off-heap memory growth when using FileMode.MEMORY and a latent short-read bug when loading databases larger than 2GB into memory.
• Added WebServiceClient.Builder.maxRetries(int) to bound transport-failure retries (default 1; set 0 to disable). See the README for retry semantics. Behavior change: previously, transient transport failures (connection reset, broken pipe, etc.) surfaced to callers immediately. They are now retried once by default; pass .maxRetries(0) to restore the prior behavior.

Commits

• d6ab648 Preparing for 5.1.0
• 08024f9 Set release date
• 0b925c1 Update lock file
• 47c6e6f Update maxmind-db to 4.1.0
• b232d27 Merge pull request #698 from maxmind/dependabot/maven/com.jcabi-jcabi-matcher...
• a8950f3 Merge pull request #697 from maxmind/dependabot/maven/com.puppycrawl.tools-ch...
• 6217e30 Bump com.jcabi:jcabi-matchers from 1.8.0 to 1.9.0
• a92ca45 Bump com.puppycrawl.tools:checkstyle from 13.4.1 to 13.4.2
• 77defec Merge pull request #693 from maxmind/greg/stf-322
• 716c849 STF-322: Bump CHANGELOG version to 5.1.0 per review
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[deepsource-io]

DeepSource Code Review

We reviewed changes in 60ffb5a...d49d2ac on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade

Security   Reliability   Complexity   Hygiene   Coverage

Code Review Summary

Analyzer	Status	Updated (UTC)	Details
Java		May 19, 2026 6:02a.m.	Review ↗
Code coverage		May 19, 2026 6:02a.m.	Review ↗

Code Coverage Summary

Language	Line Coverage (Overall)
Aggregate	100%
Java	100%

➟ Additional coverage metrics may have been reported. See full coverage report ↗

---

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.