Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump hazelcast from 4.2 to 4.2.6 #14

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump hazelcast from 4.2 to 4.2.6 #14

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Dec 27, 2022

Bumps hazelcast from 4.2 to 4.2.6.

Release notes

Sourced from hazelcast's releases.

v4.2.6

This document lists the new features, enhancements, fixed issues and, removed or deprecated features for Hazelcast IMDG 4.2.z releases. The numbers in the square brackets refer to the issues in Hazelcast's GitHub repositories.

==== 4.2.6 ====

Enhancements

  • Upgrade jackson-databind to 2.14.0. #22391

Fixes

  • Fixed an issue where replication over WAN was failing on the source cluster members, when there are multiple batch publishers configured in a single WAN replication. #22496
  • Fixed a memory leak due to incomplete clean-up of backup replica sync operations. #22406
  • Fixed the cluster failure occurred after requesting healthcheck of a member using REST API while the hazelcast.socket.buffer.direct property is enabled. #21702
  • Improved connection handling. #21643
  • Fixed an issue where a cluster could not be formed when security is enabled, various client permissions are set, and multiple members are started simultaneously. #21508

==== 4.2.5 ====

If you’re using eviction or expiration for maps, you must set the per-entry-stats-enabled property to true to fix an issue in version 4.2.x where some map entries are not always evicted or expired according to their time-to-live or maximum idle duration configurations.

Enhancements

  • Introduced a system property for allowing you to audit that all the Hazelcast instances running in your environment have the instance tracking file name set correctly in the configuration. See the note in Instance Tracking. #19929
  • Enabled XXE (XML External Entity Reference) protection for XMLInputFactory. The issue was reported through https://huntr.dev/bounties/d63972a2-b910-480a-a86b-d1f75d24d563/. #20942
  • The probe level for most of the network related statistics has been changed to "DEBUG" to decrease the pressure on Management Center; now they are not sent to Management Center by default. If you want to see these statistics, you need to set the "hazelcast.metrics.debug.enabled" property to true. #21275

Fixes

  • Fixed an issue where the statistics like puts and removals were not increasing when these operations are executed through Transactional interface. #21105
  • Fixed an issue where Hazelcast clients, which have only the IP address of a member to connect (but the member also has a hostname), were not able to connect to the cluster. #20631
  • Hazelcast’s memcached implementation was interpreting the number values and parameters for incr and decr wrongly (numbers were being converted into byte arrays instead of decimals). This has been fixed by making these commands' implementations strictly follow the memcached protocol specification. #19676
  • Fixed an issue where the totalPublishes statistics for the Reliable Topic data structure were always generated as 0. #19656
  • Fixed an issue where the map.clear() and cache.clear() methods were evicting all entries in all near caches of all the maps in a cluster, not only the map on which these methods are called. #19501
  • Fixed an issue that caused some map entries to remain in Hazelcast even when you configured eviction or expiration. #19483

Removed/Deprecated Features

The following system properties have been deprecated:

  • hazelcast.client.statistics.enabled
  • hazelcast.client.statistics.period.seconds

==== 4.2.4 =====

For the distributions packages of IMDG, we updated the vulnerable version of log4j2 in Management Center to 2.17.0. No changes were made to the IMDG code.

Note: The 4.2.4 release notes for the Hazelcast distribution on Maven wrongly states that log4j2 version has been updated to 2.15.0; it should be 2.17.0.

... (truncated)

Commits
  • 787803d Upgrade version to 4.2.6
  • 622d299 Add unintentionally removed line back (#22900)
  • e95038d Prepare release 4.2.6
  • bb1fd6b Adding 4.2.6 release notes along with all 4.2.z series. (#22898)
  • b927138 Downgrade version back to 4.2.6-SNAPSHOT (#22880)
  • ddd5faf Make 'MetadataRaftGroupSnapshot' class immutable since it is stored in the Ra...
  • 28fbefa Upgrade jackson-databind to 2.14.0 [4.2.z] (#22391)
  • 2370a3f Handle null values of AddMapConfigMessageTask's nullable fields [4.2.z] (#22811)
  • d1ab2af Convert HotRestartTriggerBackupMessageTask and ShutdownClusterMessageTask to ...
  • 5b47313 Fixed ClearBackupOperation [HZ-1210] [BACKPORT] (#22082) (#22406)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump hazelcast from 4.2 to 4.2.6
79da748 
Bumps [hazelcast](https://github.com/hazelcast/hazelcast) from 4.2 to 4.2.6.
- [Release notes](https://github.com/hazelcast/hazelcast/releases)
- [Commits](hazelcast/hazelcast@v4.2...v4.2.6)

---
updated-dependencies:
- dependency-name: com.hazelcast:hazelcast
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 27, 2022
@dependabot dependabot bot mentioned this pull request Dec 27, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants