You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@shiro.apache.org by "dependabot[bot] (via GitHub)" <gi...@apache.org> on 2023/06/13 18:06:10 UTC

[GitHub] [shiro] dependabot[bot] opened a new pull request, #931: build(deps): bump hazelcast from 3.12.13 to 4.2.8

dependabot[bot] opened a new pull request, #931:
URL: https://github.com/apache/shiro/pull/931

   Bumps [hazelcast](https://github.com/hazelcast/hazelcast) from 3.12.13 to 4.2.8.
   <details>
   <summary>Release notes</summary>
   <p><em>Sourced from <a href="https://github.com/hazelcast/hazelcast/releases">hazelcast's releases</a>.</em></p>
   <blockquote>
   <h2>v4.2.8</h2>
   <p>This document lists the new features, enhancements, fixed issues and, removed or deprecated features for Hazelcast IMDG 4.2.8 release. The numbers in the square brackets refer to the issues in Hazelcast's GitHub repositories.</p>
   <h2>Enhancements</h2>
   <ul>
   <li>Updated the Jackson core dependency version to 2.15.1. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/24638">#24638</a></li>
   </ul>
   <h2>v4.2.7</h2>
   <p>This document lists the new features, enhancements, fixed issues and, removed or deprecated features for <strong>Hazelcast IMDG 4.2.7</strong> release. The numbers in the square brackets refer to the issues in Hazelcast's GitHub repositories.</p>
   <h2>Fixes</h2>
   <ul>
   <li>Fixed an issue where the JSON Query results were inconsistent, using the data stored as JSON via <code>HazelcastJsonValue</code>. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/23454">#23454</a></li>
   <li>Fixed an issue where the WAN replicated entries were expiring on the passive cluster when the entries are accessed on the active cluster. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/22294">#22294</a></li>
   </ul>
   <h2>v4.2.6</h2>
   <p>This document lists the new features, enhancements, fixed issues and, removed or deprecated features for <strong>Hazelcast IMDG 4.2.6</strong> releases. The numbers in the square brackets refer to the issues in Hazelcast's GitHub repositories.</p>
   <h2>Enhancements</h2>
   <ul>
   <li>Upgrade jackson-databind to 2.14.0. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/22391">#22391</a></li>
   </ul>
   <h2>Fixes</h2>
   <ul>
   <li>Fixed an issue where replication over WAN was failing on the source cluster members, when there are multiple batch publishers configured in a single WAN replication. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/22496">#22496</a></li>
   <li>Fixed a memory leak due to incomplete clean-up of backup replica sync operations. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/22406">#22406</a></li>
   <li>Fixed the cluster failure occurred after requesting healthcheck of a member using REST API while the <code>hazelcast.socket.buffer.direct</code> property is enabled. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/21702">#21702</a></li>
   <li>Improved connection handling. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/21643">#21643</a></li>
   <li>Fixed an issue where a cluster could not be formed when security is enabled, various client permissions are set,
   and multiple members are started simultaneously. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/21508">#21508</a></li>
   </ul>
   <h2>v4.2.5</h2>
   <p>This document lists the new features, enhancements, fixed issues and, removed or deprecated features for Hazelcast IMDG 4.2.5 release. The numbers in the square brackets refer to the issues in Hazelcast's GitHub repositories.</p>
   <h2>Enhancements</h2>
   <ul>
   <li>Introduced a system property for allowing you to audit that all the Hazelcast instances running in your
   environment have the instance tracking file name set correctly in the configuration. See the note in Instance Tracking documentation. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/19929">#19929</a></li>
   <li>Enabled XXE (XML External Entity Reference) protection for <code>XMLInputFactory</code>. The issue was reported through
   <a href="https://huntr.dev/bounties/d63972a2-b910-480a-a86b-d1f75d24d563/">https://huntr.dev/bounties/d63972a2-b910-480a-a86b-d1f75d24d563/</a>. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/20942">#20942</a></li>
   <li>The probe level for most of the network related statistics has been changed to &quot;DEBUG&quot; to decrease the pressure on Management Center; now they are not sent to Management Center by default. If you want to see these statistics, you need to set the &quot;hazelcast.metrics.debug.enabled&quot; property to &quot;true. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/21275">#21275</a></li>
   </ul>
   <h2>Fixes</h2>
   <ul>
   <li>Fixed an issue where the statistics like puts and removals were not increasing when these operations are executed through Transactional interface. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/21105">#21105</a></li>
   <li>Fixed an issue where Hazelcast clients, which have only the IP address of a member to connect (but the member also has a hostname), were not able to connect to the cluster. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/20631">#20631</a></li>
   <li>Hazelcast’s memcached implementation was interpreting the number values and parameters for <code>incr</code> and <code>decr</code> wrongly (numbers were being converted into byte arrays instead of decimals).
   This has been fixed by making these commands' implementations strictly follow the memcached protocol specification. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/19676">#19676</a></li>
   <li>Fixed an issue where the <code>totalPublishes</code> statistics for the Reliable Topic data structure were always generated as <code>0</code>. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/19656">#19656</a></li>
   <li>Fixed an issue where the <code>map.clear</code> and <code>cache.clear</code> methods were evicting all entries in all near caches of all the maps in a cluster, not only the map on which these methods are called. <a href="https://redirect.github.com/hazelcast/hazelcast/issues/19501">#19501</a></li>
   </ul>
   <!-- raw HTML omitted -->
   </blockquote>
   <p>... (truncated)</p>
   </details>
   <details>
   <summary>Commits</summary>
   <ul>
   <li><a href="https://github.com/hazelcast/hazelcast/commit/eeda08aafe071206d7e1c6765fcffe96d22411fc"><code>eeda08a</code></a> Upgrade version to  4.2.8</li>
   <li><a href="https://github.com/hazelcast/hazelcast/commit/90df6cd85b5fe2a8d4ea3bcb62dfef23950345b7"><code>90df6cd</code></a> Update release_notes.txt</li>
   <li><a href="https://github.com/hazelcast/hazelcast/commit/1ce1bddad9015fbf1da62155ffd10944a584d6c2"><code>1ce1bdd</code></a> Prepare release 4.2.8</li>
   <li><a href="https://github.com/hazelcast/hazelcast/commit/e42ec725a44f9439a8e809caa9dc0baab0805223"><code>e42ec72</code></a> Update owasp-check-suppressions.xml (<a href="https://redirect.github.com/hazelcast/hazelcast/issues/24650">#24650</a>)</li>
   <li><a href="https://github.com/hazelcast/hazelcast/commit/33ce5b91e5eb7ad66894cb231d0e91f540d09e62"><code>33ce5b9</code></a> Update jackson-core to 2.15.1 (<a href="https://redirect.github.com/hazelcast/hazelcast/issues/24638">#24638</a>)</li>
   <li><a href="https://github.com/hazelcast/hazelcast/commit/e69433cb920e912095085a30276aeed1612a74a1"><code>e69433c</code></a> Fix anyOf test [HZ-2244] (<a href="https://redirect.github.com/hazelcast/hazelcast/issues/24176">#24176</a>) [4.2.z] (<a href="https://redirect.github.com/hazelcast/hazelcast/issues/24187">#24187</a>)</li>
   <li><a href="https://github.com/hazelcast/hazelcast/commit/8ce7f506525476891419b3dbc170c8e0d5303d4f"><code>8ce7f50</code></a> Migrate from log4j to reload4j (<a href="https://redirect.github.com/hazelcast/hazelcast/issues/23953">#23953</a>) [4.2.z] (<a href="https://redirect.github.com/hazelcast/hazelcast/issues/23969">#23969</a>)</li>
   <li><a href="https://github.com/hazelcast/hazelcast/commit/71865ccbb2c7ebb21f425e66124e8bf0aad13aac"><code>71865cc</code></a> Fix InvocationFuture with ArbitraryArityConstruction [HZ-2051] (<a href="https://redirect.github.com/hazelcast/hazelcast/issues/23905">#23905</a>) [4.2....</li>
   <li><a href="https://github.com/hazelcast/hazelcast/commit/44e979b54e2c877ec3da6c8b9c11cc081e7eeeeb"><code>44e979b</code></a> Prepare for next development cycle</li>
   <li><a href="https://github.com/hazelcast/hazelcast/commit/29ae3a8387e5db1b5fb0cbef841bb53e328e144e"><code>29ae3a8</code></a> Use assertTrueEventually in PartitionIndexingTest API-1666 [4.2.z] (<a href="https://redirect.github.com/hazelcast/hazelcast/issues/23458">#23458</a>)</li>
   <li>Additional commits viewable in <a href="https://github.com/hazelcast/hazelcast/compare/v3.12.13...v4.2.8">compare view</a></li>
   </ul>
   </details>
   <br />
   
   
   [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.hazelcast:hazelcast&package-manager=maven&previous-version=3.12.13&new-version=4.2.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   <details>
   <summary>Dependabot commands and options</summary>
   <br />
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
   
   
   </details>


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@shiro.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [shiro] dependabot[bot] closed pull request #931: build(deps): bump hazelcast from 3.12.13 to 4.2.8

Posted by "dependabot[bot] (via GitHub)" <gi...@apache.org>.

dependabot[bot] closed pull request #931: build(deps): bump hazelcast from 3.12.13 to 4.2.8
URL: https://github.com/apache/shiro/pull/931


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@shiro.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [shiro] lprimak commented on pull request #931: build(deps): bump hazelcast from 3.12.13 to 4.2.8

Posted by "lprimak (via GitHub)" <gi...@apache.org>.

lprimak commented on PR #931:
URL: https://github.com/apache/shiro/pull/931#issuecomment-1589797966

   @dependabot ignore this major version


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@shiro.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [shiro] dependabot[bot] commented on pull request #931: build(deps): bump hazelcast from 3.12.13 to 4.2.8

Posted by "dependabot[bot] (via GitHub)" <gi...@apache.org>.

dependabot[bot] commented on PR #931:
URL: https://github.com/apache/shiro/pull/931#issuecomment-1589798019

   OK, I won't notify you about version 4.x.x again, unless you re-open this PR. 😢


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@shiro.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org