You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@seatunnel.apache.org by GitBox <gi...@apache.org> on 2022/09/30 15:35:58 UTC

[GitHub] [incubator-seatunnel] dependabot[bot] opened a new pull request, #2962: Bump pulsar-broker from 2.8.0 to 2.8.4 in /seatunnel-connectors-v2/connector-pulsar

dependabot[bot] opened a new pull request, #2962:
URL: https://github.com/apache/incubator-seatunnel/pull/2962

   Bumps [pulsar-broker](https://github.com/apache/pulsar) from 2.8.0 to 2.8.4.
   <details>
   <summary>Release notes</summary>
   <p><em>Sourced from <a href="https://github.com/apache/pulsar/releases">pulsar-broker's releases</a>.</em></p>
   <blockquote>
   <h2>v2.8.3</h2>
   <h3>Important Notices</h3>
   <ul>
   <li>Fix detecting number of NICs in EC2 <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14252">#14252</a>. In the event that Pulsar cannot determine the NIC speed from the host, please set <code>loadBalancerOverrideBrokerNicSpeedGbps</code>.</li>
   <li>Bump BookKeeper 4.14.3 <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/12906">12906</a></li>
   <li>Add broker config <code>isAllowAutoUpdateSchema</code> <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/12786">12786</a></li>
   </ul>
   <h3>Security</h3>
   <ul>
   <li>Upgrade Postgres driver to 42.2.25 to get rid of CVE-2022-21724 <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14119">14119</a></li>
   <li>Get rid of CVEs in Solr connector <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13822">13822</a></li>
   <li>Get rid of CVEs in InfluxDB connector <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13821">13821</a></li>
   <li>Get rid of CVEs in batch-data-generator <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13820">13820</a></li>
   <li>Get rid of CVEs brought in with aerospike <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13819">13819</a></li>
   <li>[owasp] suppress false positive Avro CVE-2021-43045 <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13764">13764</a></li>
   <li>Upgrade protobuf to 3.16.1 to address CVE-2021-22569 <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13695">13695</a></li>
   <li>Upgrade Jackson to 2.12.6 <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13694">13694</a></li>
   <li>Upgrade Log4j to 2.17.1 to address CVE-2021-44832 <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13552">13552</a></li>
   <li>Cipher params not work in KeyStoreSSLContext <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13322">13322</a></li>
   <li>[Broker] Remove tenant permission verification when list partitioned-topic <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13138">13138</a></li>
   <li>Use JDK default security provider when Conscrypt isn't available <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/12938">12938</a></li>
   <li>[Authorization] Return if namespace policies are read only <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/12514">12514</a></li>
   </ul>
   <h3>Pulsar Admin</h3>
   <ul>
   <li>Make sure policies.is_allow_auto_update_schema not null <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14409">14409</a></li>
   <li>pulsar admin exposes secret for source and sink <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13059">13059</a></li>
   <li>Fix deleting tenants with active namespaces with 500. <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13020">13020</a></li>
   <li>[function] pulsar admin exposes secrets for function <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/12950">12950</a></li>
   </ul>
   <h3>Bookkeeper</h3>
   <ul>
   <li>Upgrade BK to 4.14.4 and Grpc to 1.42.1 <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13714">13714</a></li>
   <li>Bump BookKeeper 4.14.3 <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/12906">12906</a></li>
   </ul>
   <h3>Broker</h3>
   <ul>
   <li>Fix the wrong parameter in the log. <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14309">14309</a></li>
   <li>Fix batch ack count is negative issue. <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14288">14288</a></li>
   <li>bug fix: IllegalArgumentException: Invalid period 0.0 to calculate rate <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14280">14280</a></li>
   <li>Clean up individually deleted messages before the mark-delete position <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14261">14261</a></li>
   <li>If mark-delete operation fails, mark the cursor as &quot;dirty&quot; <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14256">14256</a></li>
   <li>Fixed detecting number of NICs in EC2 <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14252">14252</a></li>
   <li>Remove log unacked msg. <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14246">14246</a></li>
   <li>Change broker producer fence log level <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14196">14196</a></li>
   <li>Fix NPE of cumulative ack mode and incorrect unack message count <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14021">14021</a></li>
   <li>KeyShared stickyHashRange subscription: prevent stuck subscription in case of consumer restart <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/14014">14014</a></li>
   <li>Trim configuration value string which contains blank prefix or suffix <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13984">13984</a></li>
   <li>waitingCursors potential  heap memory leak  <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13939">13939</a></li>
   <li>Fix read schema compatibility strategy priority <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13938">13938</a></li>
   <li>NPE when get isAllowAutoUploadSchema <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13831">13831</a></li>
   <li>Fix call sync method in async rest API for <code>internalGetSubscriptionsForNonPartitionedTopic</code> <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13745">13745</a></li>
   <li>Fix the deadlock while using zookeeper thread to create ledger <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13744">13744</a></li>
   <li>Fix inefficient forEach loop <a href="https://github-redirect.dependabot.com/apache/pulsar/pull/13742">13742</a></li>
   </ul>
   <!-- raw HTML omitted -->
   </blockquote>
   <p>... (truncated)</p>
   </details>
   <details>
   <summary>Commits</summary>
   <ul>
   <li><a href="https://github.com/apache/pulsar/commit/02ee5616866d4eda8dd94f85d9d9b71c459f248d"><code>02ee561</code></a> Release 2.8.4</li>
   <li><a href="https://github.com/apache/pulsar/commit/9bc0115c727b9e84d2d27dd188b64fb6c56c420a"><code>9bc0115</code></a> Fix testProducerInvalidMessageMemoryRelease</li>
   <li><a href="https://github.com/apache/pulsar/commit/c038898608ac901e81093b38c2dc82cf5051265b"><code>c038898</code></a> Fix AuthenticationProviderBasicTest</li>
   <li><a href="https://github.com/apache/pulsar/commit/c8c1c0954f391932cb24db3afc071a46f65e707d"><code>c8c1c09</code></a> [improve][authentication] Adapt basic authentication configuration with prefi...</li>
   <li><a href="https://github.com/apache/pulsar/commit/6b3e46f20e7004890822d8b9e47ca7328097d3a0"><code>6b3e46f</code></a> Fix testProducerSemaphoreInvalidMessage by removing usages of mockStatic</li>
   <li><a href="https://github.com/apache/pulsar/commit/59339c42b54856b54a877489af1e8b8418095045"><code>59339c4</code></a> [fix][client]Fix MaxQueueSize semaphore release leak in createOpSendMsg (<a href="https://github-redirect.dependabot.com/apache/pulsar/issues/16915">#16915</a>)</li>
   <li><a href="https://github.com/apache/pulsar/commit/a50159328b1292abeb8c050f893c826f28ad6fb9"><code>a501593</code></a> Forget to update memory usage when invalid message (<a href="https://github-redirect.dependabot.com/apache/pulsar/issues/16835">#16835</a>)</li>
   <li><a href="https://github.com/apache/pulsar/commit/71076570b4bc3af30dd5da6b918f1ea232d92afb"><code>7107657</code></a> Fix the compilation error when cherry-picking cdec98a</li>
   <li><a href="https://github.com/apache/pulsar/commit/05b16e24ba83cfd4b564f3ad33ad9c4067d6c381"><code>05b16e2</code></a> [improve][test] Verify the authentication data in the authorization provider ...</li>
   <li><a href="https://github.com/apache/pulsar/commit/acb4eba0ec4077f017ad5b9fb26d64ac224438a6"><code>acb4eba</code></a> [improve][authentication] Improve get the basic authentication config (<a href="https://github-redirect.dependabot.com/apache/pulsar/issues/16526">#16526</a>)</li>
   <li>Additional commits viewable in <a href="https://github.com/apache/pulsar/compare/v2.8.0...v2.8.4">compare view</a></li>
   </ul>
   </details>
   <br />
   
   
   [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.pulsar:pulsar-broker&package-manager=maven&previous-version=2.8.0&new-version=2.8.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   <details>
   <summary>Dependabot commands and options</summary>
   <br />
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
   - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
   - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
   - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
   
   You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/incubator-seatunnel/network/alerts).
   
   </details>


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@seatunnel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [incubator-seatunnel] dependabot[bot] commented on pull request #2962: Bump pulsar-broker from 2.8.0 to 2.8.4 in /seatunnel-connectors-v2/connector-pulsar

Posted by GitBox <gi...@apache.org>.

dependabot[bot] commented on PR #2962:
URL: https://github.com/apache/incubator-seatunnel/pull/2962#issuecomment-1271424764

   OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@seatunnel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [incubator-seatunnel] CalvinKirs closed pull request #2962: Bump pulsar-broker from 2.8.0 to 2.8.4 in /seatunnel-connectors-v2/connector-pulsar

Posted by GitBox <gi...@apache.org>.

CalvinKirs closed pull request #2962: Bump pulsar-broker from 2.8.0 to 2.8.4 in /seatunnel-connectors-v2/connector-pulsar
URL: https://github.com/apache/incubator-seatunnel/pull/2962


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@seatunnel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org