Apply connectTimeout before SSLSocket.startHandshake to avoid infinite wait in case the connection is broken #3040
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vlsi
reviewed
Nov 28, 2023
| @@ -36,6 +36,9 @@ public static void convert(PGStream stream, Properties info) | |||
| try { | |||
| newConnection = (SSLSocket) factory.createSocket(stream.getSocket(), | |||
| stream.getHostSpec().getHost(), stream.getHostSpec().getPort(), true); | |||
| // honour the network timeout set in the incoming stream. We have a report that SSL | |||
| // connections do not timeout. | |||
| newConnection.setSoTimeout(stream.getNetworkTimeout()); | |||
There was a problem hiding this comment.
I wonder why don't we get failures in the regular test execution. We might add tests that would configure the default db with tls and execute all tests againt it
There was a problem hiding this comment.
Good question, ever harder will be to test this particular scenario as you have to have a connection to get this far. Postgres doesn't use a separate port for SSL so it would be tough to only block SSL connections.
There was a problem hiding this comment.
@vlsi should we be using sslResponseTimeout instead ?
There was a problem hiding this comment.
I have not checked it, however, I think we should have different settings for "connect timeout" and for "read response timeout".
The case is:
- You want "read response timeout" to be large enough to cover the longest query you expect in the application. For instance, there might be a reporting query taking 10min, so you might set
read response timeoutto 10min - You want your connects fallback to the workable databases quite quickly, so you don't want to wait for 10 minutes only to recognize the host is not responding
There was a problem hiding this comment.
agreed!
However in this particular case we are connecting so sslResponseTimeout seems more appropriate.
There was a problem hiding this comment.
Frankly, we have connectTimeout, and I do not see reasons to have different value here.
I suggest the following:
--- a/pgjdbc/src/main/java/org/postgresql/ssl/MakeSSL.java
+++ b/pgjdbc/src/main/java/org/postgresql/ssl/MakeSSL.java
@@ -36,6 +36,8 @@ public class MakeSSL extends ObjectFactory {
try {
newConnection = (SSLSocket) factory.createSocket(stream.getSocket(),
stream.getHostSpec().getHost(), stream.getHostSpec().getPort(), true);
+ int connectTimeoutSeconds = PGProperty.CONNECT_TIMEOUT.getInt(info);
+ newConnection.setSoTimeout(connectTimeoutSeconds * 1000);
// We must invoke manually, otherwise the exceptions are hidden
newConnection.setUseClientMode(true);
newConnection.startHandshake();
@@ -51,7 +53,8 @@ public class MakeSSL extends ObjectFactory {
if (sslMode.verifyPeerName()) {
verifyPeerName(stream, info, newConnection);
}
+ // Zero timeout (default) means infinite
+ int socketTimeout = PGProperty.SOCKET_TIMEOUT.getInt(info);
+ newConnection.setSoTimeout(socketTimeout * 1000);
stream.changeSocket(newConnection);
}
|
I've pushed the change above, but then what is the point of SSLResponseTimeout ? |
|
It might be worth adding |
Not before releasing this version, but yes, it's a misnomer |
|
I do not see an easy way to test this, and the code looks good to me |
vlsi
changed the title
redalogobject
pushed a commit
to logobject/pgjdbc
that referenced
this pull request
Dec 7, 2023
…e wait in case the connection is broken (pgjdbc#3040) Use connectTimeout (default: 10s) for SSL handshake, then apply socketTimeout (default: 0, infinite timeout)
benkard
pushed a commit
to benkard/mulkcms2
that referenced
this pull request
Dec 23, 2023
This MR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [flow-bin](https://github.com/flowtype/flow-bin) ([changelog](https://github.com/facebook/flow/blob/master/Changelog.md)) | devDependencies | minor | [`^0.223.0` -> `^0.224.0`](https://renovatebot.com/diffs/npm/flow-bin/0.223.0/0.224.0) | | [org.postgresql:postgresql](https://jdbc.postgresql.org) ([source](https://github.com/pgjdbc/pgjdbc)) | build | patch | `42.7.0` -> `42.7.1` | | [net.java.dev.jna:jna](https://github.com/java-native-access/jna) | compile | minor | `5.13.0` -> `5.14.0` | | [org.hibernate.orm:hibernate-envers](https://hibernate.org/orm) ([source](https://github.com/hibernate/hibernate-orm)) | build | patch | `6.4.0.Final` -> `6.4.1.Final` | | [org.hibernate.orm:hibernate-core](https://hibernate.org/orm) ([source](https://github.com/hibernate/hibernate-orm)) | build | patch | `6.4.0.Final` -> `6.4.1.Final` | | [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) | build | patch | `2.41.0` -> `2.41.1` | | [io.quarkus:quarkus-maven-plugin](https://github.com/quarkusio/quarkus) | build | patch | `3.6.0` -> `3.6.3` | | [io.quarkus:quarkus-universe-bom](https://github.com/quarkusio/quarkus-platform) | import | patch | `3.6.0` -> `3.6.3` | --- ### Release Notes <details> <summary>flowtype/flow-bin</summary> ### [`v0.224.0`](flow/flow-bin@e730887...e6104a1) [Compare Source](flow/flow-bin@e730887...e6104a1) ### [`v0.223.3`](flow/flow-bin@6e1e3f7...e730887) [Compare Source](flow/flow-bin@6e1e3f7...e730887) ### [`v0.223.2`](flow/flow-bin@5bb7bcf...6e1e3f7) [Compare Source](flow/flow-bin@5bb7bcf...6e1e3f7) </details> <details> <summary>pgjdbc/pgjdbc</summary> ### [`v42.7.1`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#​4271-2023-12-06-083400--0500) ##### Changed - perf: improve performance of PreparedStatement.setBlob, BlobInputStream, and BlobOutputStream with dynamic buffer sizing [MR #​3044](pgjdbc/pgjdbc#3044) ##### Fixed - fix: Apply connectTimeout before SSLSocket.startHandshake to avoid infinite wait in case the connection is broken [MR #​3040](pgjdbc/pgjdbc#3040) - fix: support waffle-jna 2.x and 3.x by using reflective approach for ManagedSecBufferDesc [MR #​2720](pgjdbc/pgjdbc#2720) Fixes [Issue #​2690](pgjdbc/pgjdbc#2720). - fix: NoSuchMethodError on ByteBuffer#position When Running on Java 8 when accessing arrays, fixes [Issue #​3014](pgjdbc/pgjdbc#3014) - Revert "[MR #​2925](pgjdbc/pgjdbc#2925) Use canonical DateStyle name" [MR #​3035](pgjdbc/pgjdbc#3035) Fixes [Issue #​3008](pgjdbc/pgjdbc#3008) - Revert "[MR ##​2973](pgjdbc/pgjdbc#2973) feat: support SET statements combining with other queries with semicolon in PreparedStatement" [MR #​3010](pgjdbc/pgjdbc#3010) Fixes [Issue #​3007](pgjdbc/pgjdbc#3007) - fix: avoid timezone conversions when sending LocalDateTime to the database [#​2852](pgjdbc/pgjdbc#3010) Fixes [Issue #​1390](pgjdbc/pgjdbc#1390) ,[Issue #​2850](pgjdbc/pgjdbc#2850) Closes \[Issue [#​1391](pgjdbc/pgjdbc#1391) </details> <details> <summary>java-native-access/jna</summary> ### [`v5.14.0`](https://github.com/java-native-access/jna/blob/HEAD/CHANGES.md#Release-5140) [Compare Source](java-native-access/jna@5.13.0...5.14.0) \============== ## Features - [#​1556](java-native-access/jna#1556): Add `SetJob`, `SetPrinter` to `c.s.j.p.w.Winspool` - [@​tresf](https://github.com/tresf). - [#​1534](java-native-access/jna#1534): Add `GetMethod`, `Put`, `SpawnInstance` to `c.s.j.p.win32.COM.WbemCli#IWbemClassObject` and `ExecMethod` to `c.s.j.p.win32.COM.WbemCli#IWbemServices` - [@​faddom](https://github.com/faddom). - [#​1544](java-native-access/jna#1544): Add `GetPriorityClass`, `SetPriorityClass`, `GetThreadPriority`, `SetThreadPriority` and associated constants to `c.s.j.p.win32.Kernel32` - [@​dEajL3kA](https://github.com/dEajL3kA). - [#​1548](java-native-access/jna#1548): Make interface `c.s.j.p.mac.XAttr public` - [@​matthiasblaesing](https://github.com/matthiasblaesing). - [#​1551](java-native-access/jna#1551): Add `c.s.j.p.bsd.ExtAttr` and `c.s.j.p.bsd.ExtAttrUtil` to wrap BSD [\<sys/extattr.h>](https://man.freebsd.org/cgi/man.cgi?query=extattr\&sektion=2) system calls. [@​rednoah](https://github.com/rednoah). - [#​1517](java-native-access/jna#1517): Add missing `O_*` (e.g. `O_APPEND`, `O_SYNC`, `O_DIRECT`, ...) to `c.s.j.p.linux.Fcntl` - [@​matthiasblaesing](https://github.com/matthiasblaesing). - [#​1521](java-native-access/jna#1521): Shutdown CleanerThread once the last cleanable is removed - [@​matthiasblaesing](https://github.com/matthiasblaesing). - [#​1557](java-native-access/jna#1557): Build linux-riscv64 on Ubuntu focal to improve compatibility with older glibc versions - [@​matthiasblaesing](https://github.com/matthiasblaesing). ## Bug Fixes - [#​1501](java-native-access/jna#1501): `Library.OPTION_STRING_ENCODING` is ignore for string arguments function calls - [@​matthiasblaesing](https://github.com/matthiasblaesing). - [#​1504](java-native-access/jna#1504): Increase maximum supported fixed args on varargs calls from 3 to 255 - [@​andrew-nowak](https://github.com/andrew-nowak). - [#​1545](java-native-access/jna#1545): Fix Java 6 incompatibility in `c.s.j.p.win32.Kerne32Util` and `c.s.j.p.win32.DBT` - [@​matthiasblaesing](https://github.com/matthiasblaesing). ## Important Changes - The interfaces between Java and native code have changed, so `libjnidispatch` must be rebuilt to be compatible with this release. - Release drops support for JDKs 6 + 7, so you'll need at least JDK 8 to update to use this version. </details> <details> <summary>hibernate/hibernate-orm</summary> ### [`v6.4.1.Final`](https://github.com/hibernate/hibernate-orm/blob/HEAD/changelog.txt#Changes-in-641Final-December-15-2023) [Compare Source](hibernate/hibernate-orm@6.4.0...6.4.1) https://hibernate.atlassian.net/projects/HHH/versions/32216 \*\* Bug \* \[HHH-17570] - Wrong name provided when checking Oracle autonomous JSON database \* \[HHH-17561] - NullPointerException at OracleServerConfiguration class \* \[HHH-17555] - equals hashcode combined with naturalId \* \[HHH-17553] - java.util.ConcurrentModificationException: null when loading an entity \* \[HHH-17551] - Gradle Enterprise improvements \* \[HHH-17528] - Explicit selection of an [@​Embeddable](https://github.com/Embeddable) property containing associated collections doesn't work \* \[HHH-17525] - StackOverflowError when using [@​ManyToMany](https://github.com/ManyToMany) with composite id \* \[HHH-17520] - Schema creation fails with interval second data type on PostgreSQL \* \[HHH-17519] - Initializing a lazy association with a non aggregate id causes a NPE \* \[HHH-17515] - DynamicInstantiationResult wrong java type constructor selected \* \[HHH-17499] - SemanticException when querying embedded id entity with positional parameter \* \[HHH-17494] - Metamodel generator produces an uncompilable class when an EntityGraph name contains a comma \* \[HHH-17491] - UnknownEntityTypeException thrown when multiple subclasses define an attribute with the same name and one is a MappedSuperclass \* \[HHH-17489] - ConcurrentModificationException after upgrading to 6.4.0 \* \[HHH-17466] - Exception on query: Could not convert 'java.util.Locale' to 'java.util.Locale' using 'org.hibernate.type.descriptor.java.LocaleJavaType' to wrap \* \[HHH-17464] - 6.4.0 regression: NullPointerException in DefaultEvictEventListener#onEvict \* \[HHH-17456] - java.util.UnknownFormatConversionException thrown why logging set to TRACE \* \[HHH-17445] - Subquery correlated path expressions do not work with nullness predicates \* \[HHH-17418] - Bytecode enchanced read accessor for a final field uses "missing" writer method \* \[HHH-17416] - Using tuples in WHERE clause throws SemanticException \* \[HHH-17413] - Invalid SQL with TYPE() function and CASE expression in SELECT clause \* \[HHH-17408] - Unproxying leads to uninitialized one-to-one associations in some cases involving polymorphism \* \[HHH-17407] - AssertionError when using JpaEntityJoin with correlated subqery if criteria copy tree is enabled \* \[HHH-17405] - Cannot resolve path of generic mapped-superclass association path \* \[HHH-17402] - UnknownEntityTypeException: Unable to locate persister - when comparing generic interface ToOne attribute to parameter \* \[HHH-17397] - Count with right join returns count on the left entity although requested by the right one \* \[HHH-17395] - Refresh with PESSIMISTIC_WRITE ignored for lazy loaded entity \* \[HHH-17393] - Incorrect return type for List attribute, wrap in additional list \* \[HHH-17392] - UnsupportedOperationException when using row_number() window function without top level GROUP BY \* \[HHH-17391] - AssertionError when using row_number() window function with ORDER BY \* \[HHH-17387] - Can't use EAGER ManyToOne on parent abstract class of joined table entity \* \[HHH-17379] - Right join does not return records from the right table if there is condition on ID field and there's no matching record in the from clause \* \[HHH-17359] - Query Cache contains null values for entity associations when entity was already loaded \* \[HHH-17334] - Duplicated columns when updating indexed [@​ElementCollection](https://github.com/ElementCollection) with non updatable fields \* \[HHH-17293] - Schema validation fails on postgres interval seconds type \* \[HHH-17280] - UnknownTableReferenceException in subquery selecting embeddable foreign key \* \[HHH-16967] - Missing join on inheritance parent table to validate [@​Where](https://github.com/Where) condition \* \[HHH-16756] - orphanRemoval does not work when bytecode enhancement is enabled \* \[HHH-16306] - CountExpressionTest.testCountDistinctTuple fails on Sybase \* \[HHH-16100] - Dynamic-map entity mode does not register a column for one-to-one associations \* \[HHH-1645] - refresh with LockMode on an unitialized proxy does not work \*\* Improvement \* \[HHH-17554] - No join on the table of the parent class with JOINED inheritance strategy when the select not contains a column used in [@​Where](https://github.com/Where) or [@​SQLRestriction](https://github.com/SQLRestriction) \* \[HHH-16809] - Add JavaType#createArray \*\* Task \* \[HHH-17565] - Add testing for JDK 22-ea \* \[HHH-17546] - Update Cockroach CI testing to 23.1.12 \* \[HHH-17545] - Update SAP HANA JDBC driver to 2.19.11 \* \[HHH-17544] - Update SAP HANA CI testing to 2.00.072.00.20231123.1 \* \[HHH-17543] - Update DB2 CI testing to 11.5.9.0 \* \[HHH-17542] - Update DB2 JDBC driver to 11.5.9.0 \* \[HHH-17541] - Update SQL Server JDBC driver to 12.4.2 </details> <details> <summary>quarkusio/quarkus</summary> ### [`v3.6.3`](https://github.com/quarkusio/quarkus/releases/tag/3.6.3) [Compare Source](quarkusio/quarkus@3.6.2...3.6.3) ##### Complete changelog - [#​37690](quarkusio/quarkus#37690) - Regression in 3.6.2: ConfigDiagnostic `NullPointerException: Cannot invoke "java.lang.CharSequence.toString()" because "s" is null` - [#​37688](quarkusio/quarkus#37688) - Do not use build cache when releasing - [#​37669](quarkusio/quarkus#37669) - OIDC: Fix DEV UI startup when OIDC or Keycloak Dev Services is disabled - [#​37667](quarkusio/quarkus#37667) - Disabling of Dev Services for Keycloak leads to startup error - [#​37651](quarkusio/quarkus#37651) - Fix GraalVM version checker in order to accept other implementations - [#​37563](quarkusio/quarkus#37563) - Consistent file URI for folders and jars - [#​37559](quarkusio/quarkus#37559) - Quarkus throws NPE when trying to match unknown config files ### [`v3.6.2`](https://github.com/quarkusio/quarkus/releases/tag/3.6.2) [Compare Source](quarkusio/quarkus@3.6.1...3.6.2) ##### Complete changelog - [#​37686](quarkusio/quarkus#37686) - Use standard URL when updating the website - [#​37653](quarkusio/quarkus#37653) - Improve error message in REST Client when no matching readers found - [#​37640](quarkusio/quarkus#37640) - Handle expireAfterWrite properly in the redis-cache config - [#​37639](quarkusio/quarkus#37639) - Logging docs include build time config reference - [#​37638](quarkusio/quarkus#37638) - Add scope tag to all injected MP Metrics - [#​37623](quarkusio/quarkus#37623) - Add quarkus-funqy-amazon-lambda-deployment to the quarkus-bom - [#​37617](quarkusio/quarkus#37617) - SmallRye GraphQL 2.6.1 - [#​37611](quarkusio/quarkus#37611) - Fix configuration of custom port for Elasticsearch dev services - [#​37610](quarkusio/quarkus#37610) - Elasticsearch devservice port incorrect binding - [#​37605](quarkusio/quarkus#37605) - Fix type in HeartbeatFilter example of rest-client-reactive doc - [#​37599](quarkusio/quarkus#37599) - Bump kafka3.version from 3.6.0 to 3.6.1 - [#​37594](quarkusio/quarkus#37594) - Bump org.jetbrains.kotlinx:kotlinx-serialization-json from 1.6.1 to 1.6.2 - [#​37590](quarkusio/quarkus#37590) - Microprofile Metric Missing "Scope" Tag Only When Using Constructor Injection - [#​37588](quarkusio/quarkus#37588) - Update the import.cypher script to use newer syntax - [#​37581](quarkusio/quarkus#37581) - Support using commas to add extensions with CLI - [#​37570](quarkusio/quarkus#37570) - Prevent concurrently running Jacoco ReportCreators to avoid report corruption - [#​37565](quarkusio/quarkus#37565) - ArC: prevent duplicate bean discovery & detect duplicate bean identifiers - [#​37564](quarkusio/quarkus#37564) - Invalid documentation for 'quarkus extension add' - [#​37557](quarkusio/quarkus#37557) - Make docs/sync-web-site.sh recoverable - [#​37553](quarkusio/quarkus#37553) - Register OpenAPI custom filters for reflection - [#​37549](quarkusio/quarkus#37549) - Bump commons-io:commons-io from 2.15.0 to 2.15.1 - [#​37546](quarkusio/quarkus#37546) - Bump io.quarkus:quarkus-platform-bom-maven-plugin from 0.0.99 to 0.0.100 - [#​37545](quarkusio/quarkus#37545) - Bump org.junit.jupiter:junit-jupiter from 5.10.0 to 5.10.1 - [#​37536](quarkusio/quarkus#37536) - Fix != expression in `@PreAuthorize` check - [#​37535](quarkusio/quarkus#37535) - Fix Snappy note about native - [#​37526](quarkusio/quarkus#37526) - Spring security annotatiton PreAuthorize process equals and not equals in the same way - [#​37520](quarkusio/quarkus#37520) - Properly match unknown config files for Windows - [#​37513](quarkusio/quarkus#37513) - Save pathParamValues encoded and perform decoding when requested - [#​37505](quarkusio/quarkus#37505) - Bump org.jboss.logmanager:log4j2-jboss-logmanager from 1.1.1.Final to 1.1.2.Final - [#​37496](quarkusio/quarkus#37496) - Quarkus 3.6.0 generate wrong jacoco xml - [#​37493](quarkusio/quarkus#37493) - upgrading from quarkus 3.5.3 to 3.6.0 java.lang.IllegalArgumentException: A case block for the string value already exist - [#​37479](quarkusio/quarkus#37479) - Redis Cache ttl default value invalid setting - [#​37357](quarkusio/quarkus#37357) - Runtime OpenAPI filters are not registered for reflection - [#​37298](quarkusio/quarkus#37298) - Bump Keycloak version to 23.0.0 - [#​37187](quarkusio/quarkus#37187) - Bump org.apache.commons:commons-compress from 1.24.0 to 1.25.0 - [#​37129](quarkusio/quarkus#37129) - Bump org.jetbrains.kotlinx:kotlinx-serialization-json from 1.6.0 to 1.6.1 - [#​37128](quarkusio/quarkus#37128) - Bump org.junit:junit-bom from 5.10.0 to 5.10.1 - [#​37035](quarkusio/quarkus#37035) - Register methods of RESTeasy reactive parameter containers for reflection - [#​36986](quarkusio/quarkus#36986) - Native not index method with SSE and throw NoSuchMethodException - [#​36813](quarkusio/quarkus#36813) - config-yaml warning - unrecognized configuration file on Windows - [#​36773](quarkusio/quarkus#36773) - "Unrecognized configuration file" when using YAML - [#​35960](quarkusio/quarkus#35960) - PathParam URL encoded in quarkus-resteasy-reactive since quarkus 3.2.x ### [`v3.6.1`](https://github.com/quarkusio/quarkus/releases/tag/3.6.1) [Compare Source](quarkusio/quarkus@3.6.0...3.6.1) ##### Complete changelog - [#​37486](quarkusio/quarkus#37486) - Revert "Unlist quarkus-resteasy-qute and quarkus-resteasy-reactive-qute" - [#​37478](quarkusio/quarkus#37478) - Qute resteasy change in 3.6.0 - [#​37454](quarkusio/quarkus#37454) - Config: detect injected config value mismatch for missing values - [#​37453](quarkusio/quarkus#37453) - Fix Panache bytecode enhancement for `@Embeddable` records - [#​37449](quarkusio/quarkus#37449) - Update Apache Maven to 3.9.6 - [#​37447](quarkusio/quarkus#37447) - Add Content-Range header to 206 Partial Content file response - [#​37444](quarkusio/quarkus#37444) - Injecting ConfigProperty of type Optional\<List<String>> not working in the native mode - [#​37436](quarkusio/quarkus#37436) - Respect comma escapes in property value for `@RolesAllowed.` - [#​37428](quarkusio/quarkus#37428) - Fix various minor issues in quarkus update - [#​37426](quarkusio/quarkus#37426) - Fix typo configMapRefKey -> configMapKeyRef - [#​37421](quarkusio/quarkus#37421) - Scheduler: register ApplicationNotRunning as bean even if quartz is used - [#​37417](quarkusio/quarkus#37417) - Build fails when using the Quartz extension and `@Scheduled`(..., skipExecutionIf = Scheduled.ApplicationNotRunning.class) - [#​37415](quarkusio/quarkus#37415) - Make Truffle from GraalVM 23.1 work in all Quarkus modes - [#​37401](quarkusio/quarkus#37401) - Print correct profiles in native image - [#​37400](quarkusio/quarkus#37400) - Improve reliability when downloading builder images from Quay.io - [#​37398](quarkusio/quarkus#37398) - Revert "Build cache - Upload quarkus-ide-launcher-999-SNAPSHOT.jar" - [#​37395](quarkusio/quarkus#37395) - Update Gradle to 8.5 - [#​37393](quarkusio/quarkus#37393) - Disable new Http2RSTFloodProtectionConfigTest on Windows - [#​37392](quarkusio/quarkus#37392) - Update gradle to 8.5 and backport if possible to finish Java 21 dependencies - [#​37384](quarkusio/quarkus#37384) - Stop disabling unsafe in netty at native-executable runtime - [#​37382](quarkusio/quarkus#37382) - Update MAX_LTS_SUPPORTED_BY_KOTLIN to 21 - [#​37367](quarkusio/quarkus#37367) - Documentation: security auth mechanism guide must also list runtime form auth properties alongside build-time ones - [#​37366](quarkusio/quarkus#37366) - Documentation: Fix OIDC credentials reference to secret key - [#​37364](quarkusio/quarkus#37364) - Improve Docker Desktop detection - [#​37361](quarkusio/quarkus#37361) - Do not fail the request in OidcClient filters if OidcClient is disabled - [#​37360](quarkusio/quarkus#37360) - Disable OidcClientFilter at runtime for simpler application testing - [#​37359](quarkusio/quarkus#37359) - Fix incorrect log dependency - [#​37354](quarkusio/quarkus#37354) - Update Boucycastle to 1.77 and Boucycastle FIPS to 1.0.2.4 - [#​37351](quarkusio/quarkus#37351) - Upgrade to Jandex 3.1.6 - [#​37350](quarkusio/quarkus#37350) - Unlist quarkus-resteasy-reactive-qute and quarkus-resteasy-qute - [#​37347](quarkusio/quarkus#37347) - Runtime (re)initialize Netty's PlatformDependent classes - [#​37318](quarkusio/quarkus#37318) - Use batch mode for update-version.sh - [#​37317](quarkusio/quarkus#37317) - Avoid asking for GPG passphrase on CI - [#​37314](quarkusio/quarkus#37314) - Fix deprecated dev-v1 url with dev-ui in a few places - [#​37300](quarkusio/quarkus#37300) - Prepare docs/sync-web-site.sh for automated releases - [#​37294](quarkusio/quarkus#37294) - Fix the major version of Java 21 - [#​37292](quarkusio/quarkus#37292) - Bump testcontainers to 1.19.3 and use docker-java-bom - [#​37291](quarkusio/quarkus#37291) - Bump org.jetbrains.kotlin:kotlin-gradle-plugin-api from 1.9.20 to 1.9.21 in /devtools/gradle - [#​37280](quarkusio/quarkus#37280) - Bump Microsoft SQL Server JDBC driver to 12.4.2 - [#​37279](quarkusio/quarkus#37279) - Bump Microsoft SQL Server JDBC driver to 12.4.2 - [#​37271](quarkusio/quarkus#37271) - Docs: add keywords to Vert.x guides - [#​37270](quarkusio/quarkus#37270) - Vert.x: report exception for blocking message consumer methods - [#​37268](quarkusio/quarkus#37268) - Reactive REST Client: check for ClientRequestFilter when skipping `@Provider` auto-discovery - [#​37252](quarkusio/quarkus#37252) - Use the default tenant resolver if the custom one does not resolve a tenant - [#​37251](quarkusio/quarkus#37251) - Add a test showing how OIDC ID token can be propagated - [#​37247](quarkusio/quarkus#37247) - Update kindcontainer to 1.4.4 - [#​37244](quarkusio/quarkus#37244) - Always execute a JPA password action - [#​37228](quarkusio/quarkus#37228) - Add classes from additional JPA model build items to pre-generate proxies - [#​37224](quarkusio/quarkus#37224) - Qute: dev mode - debug a problem with no-restart-template - [#​37222](quarkusio/quarkus#37222) - RuntimeException in vertx is silently swallowed for blocking ConsumeEvents - [#​37177](quarkusio/quarkus#37177) - QUARKUS_MROFILE=dev and '-Dquarkus.profile=dev' not working for native image - [#​37108](quarkusio/quarkus#37108) - Warning about build time generated proxy for entity OutboxEvent in Hibernate Search - [#​36892](quarkusio/quarkus#36892) - Update Kotlin to version 1.9.21, Mockito to 5.7.0 - [#​36747](quarkusio/quarkus#36747) - NoSuchMethodException when reading `@Embeddable` record - [#​36735](quarkusio/quarkus#36735) - Failure to bump BouncyCastle FIPS version to 1.0.2.4 due to a native build failure - [#​36242](quarkusio/quarkus#36242) - Quarkus cannot load Truffle/polyglot languages with the custom class loader. - [#​17839](quarkusio/quarkus#17839) - Invalid memory configuration for netty maxDirectMemory in native image </details> <details> <summary>quarkusio/quarkus-platform</summary> ### [`v3.6.3`](quarkusio/quarkus-platform@3.6.2...3.6.3) [Compare Source](quarkusio/quarkus-platform@3.6.2...3.6.3) ### [`v3.6.2`](quarkusio/quarkus-platform@3.6.1...3.6.2) [Compare Source](quarkusio/quarkus-platform@3.6.1...3.6.2) ### [`v3.6.1`](quarkusio/quarkus-platform@3.6.0...3.6.1) [Compare Source](quarkusio/quarkus-platform@3.6.0...3.6.1) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever MR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This MR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC4yNC4wIiwidXBkYXRlZEluVmVyIjoiMzQuMjQuMCJ9-->
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes a report that SSL connections do not honour connection timeout.