search

2227324689 / gpmall

【咕泡学院实战项目】-基于SpringBoot+Dubbo构建的电商平台-微服务架构、商城、电商、微服务、高并发、kafka、Elasticsearch
http://vip.istio.tech/
Apache License 2.0
4.83k stars 1.88k forks source link

Bump dubbo from 2.7.13 to 2.7.15 in /gpmall-parent #213

Open dependabot[bot] opened 2 years ago

dependabot[bot] commented 2 years ago

Bumps dubbo from 2.7.13 to 2.7.15.

Release notes

Sourced from dubbo's releases.

dubbo-2.7.15

Bugfix

  • dubbo-spring-boot-actuator compatible with Spring Boot Actuator 2.6.x
  • Check before use to avoid possible NPE in MetadataInfo
  • Fix DubboConfigEarlyInitializationPostProcessor registered twice in Spring Framework
  • Fix issue where dead connections would not be reconnected
  • Fix netty server ssl context file leak
  • Fix potential NPE in URLBuilder.java
  • Make the warm-up process smoother
  • Reset the client value of LazyConnectExchangeClient after close
  • Fix StringIndexOutOfBoundsException at addParam
  • Change default step to FORCE_INTERFACE

Dependency Upgrade

  • Upgrade log4j2 version: 2.11.1 -> 2.17.0
  • Upgrade Hessian Lite version: 3.2.11 -> 3.2.12
  • Upgrade to jedis: 3.6.0 -> 3.7.0
  • Upgrade jetcd: 0.5.3 -> 0.5.7
  • Upgrade xstream version: 1.4.10 -> 1.4.12
  • Upgrade curator version: 4.0.1 -> 4.2.0

dubbo-2.7.14

Change Lists

  • add Dynamic Configuration Override Support For ServiceDiscovery. (#8389)
  • fix mock parameters doesn't work when it contain ':' or '='. (#8379)
  • fix the issue of taking the zone parameter value in ZoneAwareClusterInvoker. (#8521)
  • add the switch for check class is in serialize white list , default is true. (#8537)
  • fix NPE on serialization checking when request timed out. (#8587)
  • fix NetUtils.ignoreNetworkInterface can't process network card name contains '(' symbol. (#8629)
  • unify the way of getting local address. (#8679)
  • fix retries param didn't work well when it is 0. (#8743)
  • close client immediately when destroy unused invoker. (#8756)
  • fix destroy IllegalStateException and doOverrideIfNecessary NPE. (#8683)
  • show message according to log level when DefaultFuture.closeChannel. (#8778)
  • use MapUtils instead of AttachmentsAdapter. (#8772)

Dependency Changes

  • netty4: 4.1.51.Final -> 4.1.66.Final
  • netty4_ssl: 2.0.39.Final -> 2.0.40.Final
  • http_client: 4.5.3 -> 4.5.13
  • jetty: 9.4.11.v20180605 -> 9.4.43.v20210629
  • apollo_client: 1.1.1 -> 1.8.0
  • tomcat_embed: 8.5.31-> 9.0.48
  • commons_io: 2.6 -> 2.7
  • curator: 5.0.0 -> 5.1.0
  • hessian_lite: 3.2.8 -> 3.2.11
Commits
  • 767620a [2.7] Prepare Dubbo 2.7.15 Release
  • 0d9b094 [2.7] Fix pond ignore in URLStrParser (#9465)
  • 55672e4 [2.7] Update Hessian Lite version (#9456)
  • 8cc9579 upgrade log4j2 version to 2.17.0 (#9444)
  • 63e714a dubbo-spring-boot-actuator compatible with Spring Boot Actuator 2.6.x (#9394)...
  • daeeeb7 upgrade log4j2 to 2.16.0 (#9433)
  • 578bfcb Improve the readability of the getOrder method (#9361)
  • 1296ff8 [master] Optimize some code for DubboConfigEarlyRegistrationPostProcessor (#9...
  • c0b7f95 Check before use to avoid possible NPE in MetadataInfo (#9420)
  • 9cfb1ae Fix DubboConfigEarlyInitializationPostProcessor registered twice in Spring Fr...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/2227324689/gpmall/network/alerts).
rkodang commented 2 years ago

我已经收到您的来信啦 Thanks~