Bump hazelcast from 5.1 to 5.2.3

[dependabot[bot]]

Bumps hazelcast from 5.1 to 5.2.3.

Release notes

Sourced from hazelcast's releases.

v5.2.3

This document lists the enhancements and fixes for Hazelcast Platform 5.2.3 release. The numbers in the square brackets refer to the issues and pull requests in Hazelcast's GitHub repository.

Enhancements

• When advanced networking is enabled, the Kubernetes discovery plugin might have been discovering several endpoints (per each port) for each member's pod. The discovery plugin now matches only the private IP per endpoint, ignoring the port values. #23931
• Introduced the hazelcast.discovery.public.address.fallback property to enable smart client connectivity to Hazelcast clusters deployed on Kubernetes, and having advanced network configuration enabled.#23920

Fixes

• Fixed an issue where a ECS Fargate cluster was failing to start due to the Failed to configure discovery strategies error. #23939
• Fixed an issue where the Hazelcast configuration was modified by the Jet engine, if the wildcard configuration is used and Jet is enabled; meaning the configurations made by the user was not being reflected. #23877
• Fixed an issue where Debezium connector for MongoDB could not keep the connection after some time. #23690

v5.2.2

This document lists the new features, enhancements, fixed issues and, removed or deprecated features for Hazelcast Platform 5.2.2 release. The numbers in square brackets refer to the pull requests in Hazelcast's GitHub repository.

Breaking Changes

• Changed the default cloud coordinator URL from coordinator.hazelcast.cloud to api.viridian.hazelcast.com. When you use the default configuration, it now connects to Hazelcast Viridian instead of Hazelcast Cloud, potentially leading to not being able to connect to the cloud cluster. If you want to use Hazelcast Cloud, you need to change the value of hazelcast.client.cloud.url property to https://coordinator.hazelcast.cloud. #23304

Enhancements

• Added support of IMDSv2 for Hazelcast's AWS Discovery plugin.
• Hazelcast now allows serializing unsupported types via xref:serialization:compact-serialization.adoc#using-compact-serialization-with-zero-configuration[zero-configuration] provided that there is an explicit serializer implemented for the unsupported type. #23569
• Added flock to guard concurrent pip runs. #22934
• Added the ability of discovering ECS and EC2 clients by the Hazelcast members on Amazon ECS. #22630

Fixes

• Fixed an issue where excessive amount of Kubernetes API calls were being logged when Automatic State Management feature is enabled in a Hazelcast cluster running on Kubernetes. #23576
• Fixed an issue where the JSON Query results were inconsistent, using the data stored as JSON via HazelcastJsonValue. #23453
• Fixed an issue where the unordered mapUsingServiceAsync() was losing the last items when there are no watermarks. #23272
• Fixed an issue where the message of an exception caused when reading a JDBC table column metadata was showing the data source reference instead of the table name. #23123
• Fixed an issue where the recorded moment of submitted job's start time was causing a race condition. For short jobs, the job might have been completed even before recording the startTime metric; since this metric is collected after the job is submitted. Now, this metric is collected just before submitting a job. #23066
• Fixed an issue where the offloading of map stores (which is enabled by default) was leading to unexpected unlocking behavior when committing transactions. #22937

v5.2.1

This document lists the new features, enhancements, fixed issues and, removed or deprecated features for Hazelcast Platform 5.2.1 releases. The numbers in the square brackets refer to the issues and pull requests in Hazelcast's GitHub repository.

Enhancements

• Added support for discovering ECS and EC2 members on AWS. See Deploying a Cluster on Amazon AWS. #22590

Fixes

... (truncated)

Commits

• 22c3efb Upgrade version to 5.2.3
• 30f246a Bump json-smart from to 2.4.10 to fix CVE-2023-1370 [5.2.3] (#24058)
• 6ceb0f0 Defensive changes in DeferredValue [HZ-1187] [5.2.3] (#24029)
• 2434811 Adding RN for Platform OS 5.2.3.
• 7be97a6 Update release_notes.txt
• d1a5d53 Prepare release 5.2.3
• 0dc28ab Update owasp-check-suppressions.xml (#23998)
• a069905 Add new suppressions to owasp checks (#23980)
• 72d7a1c Bump jmx_prometheus_javaagent from 0.17.2 to 0.18.0 [5.2.z] (#23975)
• bacaef0 Migrate from log4j to reload4j (#23953) [5.2.z] (#23966)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 1 day

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.