search

amaybaum-dev / spring-cloud-alibaba2

Spring Cloud Alibaba provides a one-stop solution for application development for the distributed solutions of Alibaba middleware.
https://spring.io/projects/spring-cloud-alibaba
Apache License 2.0
0 stars 1 forks source link

Update dependency io.seata:seata-server to v1.6.0 - autoclosed #2

Closed dev-mend-for-github-com[bot] closed 1 year ago

dev-mend-for-github-com[bot] commented 1 year ago

This PR contains the following updates:

Package Type Update Change
io.seata:seata-server (source) compile minor 1.5.0 -> 1.6.0

By merging this PR, the issue #4 will be automatically resolved and closed:

Severity CVSS Score CVE Reachability
High High 7.5 CVE-2020-11979

Medium Medium 6.3 CVE-2020-1945

Medium Medium 5.5 CVE-2021-36373

Medium Medium 5.5 CVE-2021-36374

Release Notes

seata/seata ### [`v1.6.0`](https://togithub.com/seata/seata/releases/tag/v1.6.0) [Compare Source](https://togithub.com/seata/seata/compare/v1.5.2...v1.6.0) Seata 1.6.0 Released. Seata is an easy-to-use, high-performance, open source distributed transaction solution. The version is updated as follows: ##### feature: - \[[#​4863](https://togithub.com/seata/seata/pull/4863)] support oracle and postgresql multi primary key - \[[#​4649](https://togithub.com/seata/seata/pull/4649)] seata-server support multiple registry - \[[#​4779](https://togithub.com/seata/seata/pull/4779)] support Apache Dubbo3 - \[[#​4479](https://togithub.com/seata/seata/pull/4479)] TCC mode supports tcc annotation marked on both interface and implementation class - \[[#​4877](https://togithub.com/seata/seata/pull/4877)] seata client support jdk17 - \[[#​4914](https://togithub.com/seata/seata/pull/4914)] support mysql update join sql - \[[#​4542](https://togithub.com/seata/seata/pull/4542)] support oracle timestamp types - \[[#​5111](https://togithub.com/seata/seata/pull/5111)] support Nacos contextPath - \[[#​4802](https://togithub.com/seata/seata/pull/4802)] dockerfile support arm64 ##### bugfix: - \[[#​4780](https://togithub.com/seata/seata/pull/4780)] fix can't post TimeoutRollbacked event after a successful timeout rollback - \[[#​4954](https://togithub.com/seata/seata/pull/4954)] fix output expression incorrectly throws npe - \[[#​4817](https://togithub.com/seata/seata/pull/4817)] fix in high version springboot property not Standard - \[[#​4838](https://togithub.com/seata/seata/pull/4838)] fix when use Statement.executeBatch() can not generate undo log - \[[#​4533](https://togithub.com/seata/seata/pull/4533)] fix rollback event repeated and some event status not correct - \[[#​4912](https://togithub.com/seata/seata/pull/4912)] fix mysql InsertOnDuplicateUpdate column case is different and cannot be matched - \[[#​4543](https://togithub.com/seata/seata/pull/4543)] fix support Oracle nclob types - \[[#​4915](https://togithub.com/seata/seata/pull/4915)] fix failed to get server recovery properties - \[[#​4919](https://togithub.com/seata/seata/pull/4919)] fix XID port and address null:0 before coordinator.init - \[[#​4928](https://togithub.com/seata/seata/pull/4928)] fix rpcContext.getClientRMHolderMap NPE - \[[#​4953](https://togithub.com/seata/seata/pull/4953)] fix InsertOnDuplicateUpdate bypass modify pk - \[[#​4978](https://togithub.com/seata/seata/pull/4978)] fix kryo support circular reference - \[[#​4874](https://togithub.com/seata/seata/pull/4874)] fix startup failure by using OpenJDK 11 - \[[#​5018](https://togithub.com/seata/seata/pull/5018)] fix loader path in startup scripts - \[[#​5004](https://togithub.com/seata/seata/pull/5004)] fix duplicate image row for update join - \[[#​5032](https://togithub.com/seata/seata/pull/5032)] fix mysql InsertOnDuplicateUpdate sql query error caused by placeholder index calculation error - \[[#​5033](https://togithub.com/seata/seata/pull/5033)] fix null exception when sql columns is empty for insert on duplicate - \[[#​5038](https://togithub.com/seata/seata/pull/5038)] remove [@​EnableConfigurationProperties](https://togithub.com/EnableConfigurationProperties)({SagaAsyncThreadPoolProperties.class}) - \[[#​5050](https://togithub.com/seata/seata/pull/5050)] fix global session is not change to Committed in saga mode - \[[#​5052](https://togithub.com/seata/seata/pull/5052)] fix update join condition placeholder param error - \[[#​5031](https://togithub.com/seata/seata/pull/5031)] fix mysql InsertOnDuplicateUpdate should not use null index value as image sql query condition - \[[#​5075](https://togithub.com/seata/seata/pull/5075)] fix InsertOnDuplicateUpdateExecutor could not intercept the sql which has no primary and unique key - \[[#​5093](https://togithub.com/seata/seata/pull/5093)] fix access key loss after seata server restart - \[[#​5092](https://togithub.com/seata/seata/pull/5092)] fix when seata and jpa are used together, their AutoConfiguration order is incorrect - \[[#​5109](https://togithub.com/seata/seata/pull/5109)] fix NPE caused when there is no [@​GlobalTransactional](https://togithub.com/GlobalTransactional) annotation on the RM side - \[[#​5098](https://togithub.com/seata/seata/pull/5098)] Druid disable oracle implicit cache - \[[#​4860](https://togithub.com/seata/seata/pull/4860)] fix metrics tags coverage in the seata-server side - \[[#​5028](https://togithub.com/seata/seata/pull/5028)] fix insert value null parsed as string in insert on duplicate SQL - \[[#​5078](https://togithub.com/seata/seata/pull/5078)] fix could not intercept the sql witch has no primary and unique key - \[[#​5097](https://togithub.com/seata/seata/pull/5097)] fix access key loss after server restart - \[[#​5131](https://togithub.com/seata/seata/pull/5131)] fix rollback xa connection active state - \[[#​5134](https://togithub.com/seata/seata/pull/5134)] fix hikari datasource auto proxy fail - \[[#​5163](https://togithub.com/seata/seata/pull/5163)] fix bad service configuration file and compilation failure ##### optimize: - \[[#​4774](https://togithub.com/seata/seata/pull/4774)] optimize mysql8 dependencies for seataio/seata-server image - \[[#​4790](https://togithub.com/seata/seata/pull/4790)] Add a github action to publish Seata to OSSRH - \[[#​4765](https://togithub.com/seata/seata/pull/4765)] mysql 8.0.29 not should be hold for connection - \[[#​4750](https://togithub.com/seata/seata/pull/4750)] optimize unBranchLock romove xid - \[[#​4797](https://togithub.com/seata/seata/pull/4797)] optimize the github actions - \[[#​4800](https://togithub.com/seata/seata/pull/4800)] Add NOTICE as Apache License V2 - \[[#​4681](https://togithub.com/seata/seata/pull/4681)] optimize the check lock during global transaction - \[[#​4761](https://togithub.com/seata/seata/pull/4761)] use hget replace hmget because only one field - \[[#​4414](https://togithub.com/seata/seata/pull/4414)] exclude log4j dependencies - \[[#​4836](https://togithub.com/seata/seata/pull/4836)] optimize BaseTransactionalExecutor#buildLockKey(TableRecords rowsIncludingPK) method more readable - \[[#​4865](https://togithub.com/seata/seata/pull/4865)] fix some security vulnerabilities in GGEditor - \[[#​4590](https://togithub.com/seata/seata/pull/4590)] auto degrade enable to dynamic configure - \[[#​4490](https://togithub.com/seata/seata/pull/4490)] tccfence log table delete by index - \[[#​4911](https://togithub.com/seata/seata/pull/4911)] add license checker workflow - \[[#​4917](https://togithub.com/seata/seata/pull/4917)] upgrade package-lock.json fix vulnerabilities - \[[#​4924](https://togithub.com/seata/seata/pull/4924)] optimize pom dependencies - \[[#​4932](https://togithub.com/seata/seata/pull/4932)] extract the default values for some properties - \[[#​4925](https://togithub.com/seata/seata/pull/4925)] optimize java doc warning - \[[#​4921](https://togithub.com/seata/seata/pull/4921)] fix some vulnerabilities in console and upgrade skywalking-eyes - \[[#​4936](https://togithub.com/seata/seata/pull/4936)] optimize read of storage configuration - \[[#​4946](https://togithub.com/seata/seata/pull/4946)] pass the sqlexception to client when get lock - \[[#​4962](https://togithub.com/seata/seata/pull/4962)] optimize build and fix the base image - \[[#​4974](https://togithub.com/seata/seata/pull/4974)] optimize cancel the limit on the number of globalStatus queries in Redis mode - \[[#​4981](https://togithub.com/seata/seata/pull/4981)] optimize tcc fence record not exists errMessage - \[[#​4985](https://togithub.com/seata/seata/pull/4985)] fix undo_log id repeat - \[[#​4995](https://togithub.com/seata/seata/pull/4995)] fix mysql InsertOnDuplicateUpdate duplicate pk condition in after image query sql - \[[#​5047](https://togithub.com/seata/seata/pull/5047)] remove useless code - \[[#​5051](https://togithub.com/seata/seata/pull/5051)] undo log dirty throw BranchRollbackFailed_Unretriable - \[[#​5075](https://togithub.com/seata/seata/pull/5075)] intercept the InsertOnDuplicateUpdate statement which has no primary key and unique index value - \[[#​5104](https://togithub.com/seata/seata/pull/5104)] remove the druid dependency in ConnectionProxy - \[[#​5124](https://togithub.com/seata/seata/pull/5124)] support oracle on delete tccfence logs - \[[#​4468](https://togithub.com/seata/seata/pull/4968)] support kryo 5.3.0 - \[[#​4807](https://togithub.com/seata/seata/pull/4807)] optimize docker image and oss publish - \[[#​4445](https://togithub.com/seata/seata/pull/4445)] optimize transaction timeout judgment - \[[#​4958](https://togithub.com/seata/seata/pull/4958)] do not execute triggerAfterCommit() if timeout - \[[#​4582](https://togithub.com/seata/seata/pull/4582)] redis mode support sorted set by timeout - \[[#​4963](https://togithub.com/seata/seata/pull/4963)] add ARM64 CI workflow - \[[#​4434](https://togithub.com/seata/seata/pull/4434)] remove seata-server's CMS parameters Thanks to these contributors for their code commits. Please report an unintended omission. - [slievrly](https://togithub.com/slievrly) - [renliangyu857](https://togithub.com/renliangyu857) - [wangliang181230](https://togithub.com/wangliang181230) - [a364176773](https://togithub.com/a364176773) - [tuwenlin](https://togithub.com/tuwenlin) - [conghuhu](https://togithub.com/conghuhu) - [a1104321118](https://togithub.com/a1104321118) - [duanqiaoyanyu](https://togithub.com/duanqiaoyanyu) - [robynron](https://togithub.com/robynron) - [lcmvs](https://togithub.com/lcmvs) - [github-ganyu](https://togithub.com/github-ganyu) - [1181954449](https://togithub.com/1181954449) - [zw201913](https://togithub.com/zw201913) - [wingchi-leung](https://togithub.com/wingchi-leung) - [AlexStocks](https://togithub.com/AlexStocks) - [liujunlin5168](https://togithub.com/liujunlin5168) - [pengten](https://togithub.com/pengten) - [liuqiufeng](https://togithub.com/liuqiufeng) - [yujianfei1986](https://togithub.com/yujianfei1986) - [Bughue](https://togithub.com/Bughue) - [AlbumenJ](https://togithub.com/AlbumenJ) - [doubleDimple](https://togithub.com/doubleDimple) - [jsbxyyx](https://togithub.com/jsbxyyx) - [tuwenlin](https://togithub.com/tuwenlin) - [CrazyLionLi](https://togithub.com/JavaLionLi) - [whxxxxx](https://togithub.com/whxxxxx) - [neillee95](https://togithub.com/neillee95) - [crazy-sheep](https://togithub.com/crazy-sheep) - [zhangzq7](https://togithub.com/zhangzq7) - [l81893521](https://togithub.com/l81893521) - [zhuyoufeng](https://togithub.com/zhuyoufeng) - [xingfudeshi](https://togithub.com/xingfudeshi) - [odidev](https://togithub.com/odidev) - [miaoxueyu](https://togithub.com/miaoxueyu) Also, we receive many valuable issues, questions and advices from our community. Thanks for you all. ### [`v1.5.2`](https://togithub.com/seata/seata/releases/tag/v1.5.2) Seata 1.5.2 Released. Seata is an easy-to-use, high-performance, open source distributed transaction solution. The version is updated as follows: ##### feature: - \[[#​4661](https://togithub.com/seata/seata/pull/4713)] support xid consistency load balance - \[[#​4676](https://togithub.com/seata/seata/pull/4676)] support server to expose Nacos services by mounting SLB - \[[#​4642](https://togithub.com/seata/seata/pull/4642)] support batch message parallel processing - \[[#​4567](https://togithub.com/seata/seata/pull/4567)] support where method condition(find_in_set) ##### bugfix: - \[[#​4515](https://togithub.com/seata/seata/pull/4515)] fix the error of SeataTCCFenceAutoConfiguration when database unused - \[[#​4661](https://togithub.com/seata/seata/pull/4661)] fix sql exception with PostgreSQL in module console - \[[#​4667](https://togithub.com/seata/seata/pull/4682)] fix the exception in RedisTransactionStoreManager for update map During iteration - \[[#​4678](https://togithub.com/seata/seata/pull/4678)] fix the error of key transport.enableRmClientBatchSendRequest cache penetration if not configure - \[[#​4701](https://togithub.com/seata/seata/pull/4701)] fix missing command line args - \[[#​4607](https://togithub.com/seata/seata/pull/4607)] fix bug on skipping lock check - \[[#​4696](https://togithub.com/seata/seata/pull/4696)] fix oracle database insert value - \[[#​4726](https://togithub.com/seata/seata/pull/4726)] fix batch message send may return NullPointException - \[[#​4729](https://togithub.com/seata/seata/pull/4729)] fix set AspectTransactional.rollbackForClassName with wrong value - \[[#​4653](https://togithub.com/seata/seata/pull/4653)] fix the sql exception when pk is non-numeric in INSERT_ON_DUPLICATE SQL ##### optimize: - \[[#​4650](https://togithub.com/seata/seata/pull/4650)] fix some security vulnerabilities - \[[#​4670](https://togithub.com/seata/seata/pull/4670)] optimize the thread pool size of branchResultMessageExecutor - \[[#​4662](https://togithub.com/seata/seata/pull/4662)] optimize rollback transaction metrics - \[[#​4693](https://togithub.com/seata/seata/pull/4693)] optimize the console navigation bar - \[[#​4700](https://togithub.com/seata/seata/pull/4700)] fix maven-compiler-plugin and maven-resources-plugin execute failed - \[[#​4711](https://togithub.com/seata/seata/pull/4711)] separate lib dependencies for deployments - \[[#​4720](https://togithub.com/seata/seata/pull/4720)] optimize pom description - \[[#​4728](https://togithub.com/seata/seata/pull/4728)] upgrade logback dependency to 1.2.9 - \[[#​4745](https://togithub.com/seata/seata/pull/4745)] support mysql8 in release package - \[[#​4626](https://togithub.com/seata/seata/pull/4626)] Replace `flatten-maven-plugin` with `easyj-maven-plugin` to fix the conflict between `shade` and `flatten` - \[[#​4629](https://togithub.com/seata/seata/pull/4629)] check relation of before status and after status when updating global session - \[[#​4662](https://togithub.com/seata/seata/pull/4662)] make EnhancedServiceLoader more readable ##### test: - \[[#​4544](https://togithub.com/seata/seata/pull/4544)] optimize jackson dependencies in TransactionContextFilterTest - \[[#​4731](https://togithub.com/seata/seata/pull/4731)] fix UT failed in AsyncWorkerTest and LockManagerTest Thanks to these contributors for their code commits. Please report an unintended omission. - [slievrly](https://togithub.com/slievrly) - [pengten](https://togithub.com/pengten) - [YSF-A](https://togithub.com/YSF-A) - [tuwenlin](https://togithub.com/tuwenlin) - [Ifdevil](https://togithub.com/Ifdevil) - [wingchi-leung](https://togithub.com/wingchi-leung) - [liurong](https://togithub.com/robynron) - [opelok-z](https://togithub.com/opelok-z) - [a364176773](https://togithub.com/a364176773) - [2129zxl](https://togithub.com/2129zxl) - [Smery-lxm](https://togithub.com/Smery-lxm) - [doubleDimple](https://togithub.com/doubleDimple) - [wangliang181230](https://togithub.com/wangliang181230) - [Bughue](https://togithub.com/Bughue) - [AYue-94](https://togithub.com/AYue-94) - [lingxiao-wu](https://togithub.com/lingxiao-wu) - [caohdgege](https://togithub.com/caohdgege) Also, we receive many valuable issues, questions and advices from our community. Thanks for you all.