芋道 mall 商城,基于微服务的思想,构建在 B2C 电商场景下的项目实战。核心技术栈,是 Spring Boot + Dubbo 。未来,会重构成 Spring Cloud Alibaba 。

Related tags

Spring Boot mysql redis elasticsearch zookeeper springboot dubbo mall rocketmq springcloud xxl-job skywalking sharding-sphere nacos seata
Overview

[toc]

友情提示:近期在升级和优化该项目,建议先 Star 本项目。主要在做几个事情:

  • 1、微服务技术选型以 Spring Cloud Alibaba 为中心。
  • 2、修改项目分层,并合并部分服务,简化整体服务的复杂性。
  • 3、将管理后台从 React 重构到 Vue 框架。

交流群:传送门

前言

基于微服务的思想,构建在 B2C 电商场景下的项目实战。

演示

艿艿:目前的开发者,都是后端出身。所以,一帮没有审美自觉的人,撸出来的前端界面,可能是东半球倒数第二难看。

迫切希望,有前端能力不错的小伙伴,加入我们,一起来完善「芋道商城」。

管理后台

体验传送门:http://dashboard.shop.iocoder.cn

GIF 图-耐心等待

H5 商城

体验传送门:http://h5.shop.iocoder.cn

2M 带宽小水管,访问略微有点慢

GIF 图-耐心等待

其它演示

下面,我们会提供目前用到的中间件的管理平台。

艿艿:考虑到大家可以看到更全的功能,所以一般提供 admin 账号。所以,大家素质使用哟。

SkyWalking UI

教程:《芋道 SkyWalking 安装部署》

Grafana UI

Dubbo Admin

RocketMQ Console

教程:《芋道 RocketMQ 安装部署》

XXL-Job Console

教程:《芋道 XXL-Job 安装部署》

Sentinel Console

教程:《芋道 Sentinel 安装部署》

技术

搭建环境

搭建调试环境

架构图

TODO 此处应有一个架构图的装逼 JPG 图。

项目结构

模块 名称 端口
admin-dashboard-vue 【前端】管理后台 HTTP 9527
user-dashboard-vue 【前端】商城平台 HTTP 8080
management-web-app 【后端】管理平台 HTTP 服务 HTTP 18083 接口文档
shop-web-app 【后端】商城平台 HTTP 服务 HTTP 18084 接口文档
system-service-project 系统 RPC 服务 随机
user-service-project 用户 RPC 服务 随机
promotion-service-project 营销 RPC 服务 随机
pay-service-project 支付 RPC 服务 随机
trade-service-project 交易 RPC 服务 随机
product-service-project 商品 RPC 服务 随机
search-service-project 搜索 RPC 服务 随机

后端项目,目前的项目结构如下:

[-] xxx-web-app // 提供对外 HTTP API。

[-] xxx-service-project
    ├──[-] xxx-service-api // 提供对内 RPC API 。
    ├──[-] xxx-service-app // 提供对内 RPC 实现。
    ├──[-] xxx-service-integration-test // 集成测试。

技术栈

后端

框架 说明 版本
Spring Boot 应用开发框架 2.1.4
MySQL 数据库服务器 5.6
Druid JDBC 连接池、监控组件 1.1.16
MyBatis 数据持久层框架 3.5.1
MyBatis-Plus Mybatis 增强工具包 3.1.1
Redis key-value 数据库 暂未引入,等压测后,部分模块
Redisson Redis 客户端 暂未引入,等压测后,部分模块
Elasticsearch 分布式搜索引擎 6.7.1
Dubbo 分布式 RPC 服务框架 2.7.1
RocketMQ 消息中间件 4.3.2
Seata 分布式事务中间件 0.5.1
Zookeeper 分布式系统协调 3.4.9 作为注册中心
XXL-Job 分布式任务调度平台 2.0.1
springfox-swagger2 API 文档 2.9.2
swagger-bootstrap-ui Swagger 增强 UI 实现 1.9.3

未来考虑引入

  • 配置中心 Apollo
  • 服务保障 Sentinel
  • 网关 Soul

前端

商城 H5

框架 说明 版本
Vue JavaScript 框架 2.5.17
Vant Vue UI 组件库 3.13.0

管理后台

框架 说明 版本
Vue JavaScript 框架 2.5.17
Vue Element Admin 后台前端解决方案 -

监控

一般来说,监控会有三种方式:

  • 1、Tracing ,我们采用 Apache SkyWalking
  • 2、Logging ,我们采用 ELK
  • 3、Metrics ,我们采用 Prometheus
框架 说明 版本
SkyWalking 分布式应用追踪系统 6.0.0
Prometheus 服务监控体系 2.9.2
Alertmanager 告警管理器 0.17.0
Grafana 仪表盘和图形编辑器 0.17.0

其它

  • Jenkins 持续集成
  • Nginx 服务器
  • Docker 容器
  • Nginx

某种结尾

目前成员

  • 小范
  • 芋艿
Comments
  • Bump xxl-job-core from 2.2.0 to 2.3.1 in /归档/mall-dependencies

    Bump xxl-job-core from 2.2.0 to 2.3.1 in /归档/mall-dependencies

    Bumps xxl-job-core from 2.2.0 to 2.3.1.

    Release notes

    Sourced from xxl-job-core's releases.

    XXL-JOB v2.3.1,分布式任务调度平台

    • 1、【修复】修复风险漏洞,升级问题低版本项目依赖:CVE-2021-2471、CVE-2022-22965等。
    • 2、【修复】修复故障告警逻辑,邮箱校验逻辑下放至EmailJobAlarm中,避免对其他告警方式的干扰。
    • 3、【优化】调度通讯默认启用accessToken,提升系统安全性(建议生产环境自定义accessToken)。
    • 4、【优化】合并多项PR,项目代码结构、健壮性优化:PR-2833、PR-2812、PR-2541、PR-2537、PR-2514、PR-2509、PR-2591。
    • 5、【优化】任务线程名优化,提升可读性与问题定位效率(ISSUE-2527)。

    XXL-JOB v2.3.0,分布式任务调度平台

    Release Notes

    • 1、【新增】调度过期策略:调度中心错过调度时间的补偿处理策略,包括:忽略、立即补偿触发一次等;
    • 2、【新增】触发策略:除了常规Cron、API、父子任务触发方式外,新增提供 "固定间隔触发、(固定延时触发,实验中)" 新触发方式;
    • 3、【新增】新增任务辅助工具 "XxlJobHelper":提供统一任务辅助能力,包括:任务上下文信息维护获取(任务参数、任务ID、分片参数)、日志输出、任务结果设置……等;
      • 3.1、"ShardingUtil" 组件废弃:改用 "XxlJobHelper.getShardIndex()/getShardTotal();" 获取分片参数;
      • 3.2、"XxlJobLogger" 组件废弃:改用 "XxlJobHelper.log" 进行日志输出;
    • 4、【优化】任务核心类 "IJobHandler" 的 "execute" 方法取消出入参设计。改为通过 "XxlJobHelper.getJobParam" 获取任务参数并替代方法入参,通过 "XxlJobHelper.handleSuccess/handleFail" 设置任务结果并替代方法出参,示例代码如下;
    @XxlJob("demoJobHandler")
public void execute() {
  String param = XxlJobHelper.getJobParam();    // 获取参数
  XxlJobHelper.handleSuccess();                 // 设置任务结果
}
    • 5、【优化】Cron编辑器增强:Cron编辑器修改cron时可实时查看最近运行时间;
    • 6、【优化】执行器示例项目规范整理;
    • 7、【优化】任务调度生命周期重构:调度(schedule)、触发(trigger)、执行(handle)、回调(callback)、结束(complete);
    • 8、【优化】执行器注册组件优化:注册逻辑调整为异步方式,提高注册性能;
    • 9、【优化】执行器鉴权校验:执行器启动时主动校验accessToken,为空则主动Warn告警;(已规划安全强化:AccessToken动态生成、动态启停等)
    • 10、【优化】邮箱告警配置优化:将"spring.mail.from"与"spring.mail.username"属性拆分开,更加灵活的支持一些无密码邮箱服务;
    • 11、【优化】多个项目依赖升级至较新稳定版本,如netty、groovy、spring、springboot、mybatis等;
    • 12、【优化】UI组件常规升级,提升组件稳定性;
    • 13、【优化】调度中心页面交互优化:用户管理模块密码列取消;多处表达autocomplete取消;执行器管理模块XSS拦截校验等;
    • 14、【优化】调度中心任务状态探测慢SQL问题优化;
    • 15、【修复】GLUE-Java模式任务,init/destroy无法执行问题修复;
    • 16、【修复】Cron编辑器问题修复:修复小概率情况下cron单个字段修改时导致其他字段被重置问题;
    • 17、【修复】通用HTTP任务Handler(httpJobHandler)优化:修复 "setDoOutput(true)" 导致任务请求GetMethod失效问题;
    • 18、【修复】执行器Commandhandler示例任务优化,修复极端情况下脚本进程挂起问题;
    • 19、【修复】调度通讯组件优化,修复RestFul方式调用 DotNet 版本执行器时心跳检测失败问题;
    • 20、【修复】调度中心远程执行日志查询乱码问题修复;
    • 21、【修复】调度中心组件加载顺序优化,修复极端情况下调度组件初始慢导致的调度失败问题;
    • 22、【修复】执行器注册线程优化,修复极端情况下初始化失败时导致NPE问题;
    • 23、【修复】调度线程连接池优化,修复连接有效性校验超时问题;
    • 24、【修复】执行器注册表字段优化,解决执行器注册节点过多导致注册信息存储和更新失败的问题;
    • 25、【修复】轮训路由策略优化,修复小概率下并发问题;
    • 26、【修复】页面redirect跳转后https变为http问题修复;
    • 27、【修复】执行器日志清理优化,修复小概率下日志文件为空导致清理异常问题;
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies java 
    opened by dependabot[bot] 2
  • 网关日志日志功能创建的LinkedHashMap对象没有指定初始长度,可以指定以提高性能

    网关日志日志功能创建的LinkedHashMap对象没有指定初始长度,可以指定以提高性能

    基本信息

    • ruoyi-vue-pro 版本:4.0.0
    • 操作系统:无
    • 数据库:无

    你猜测可能的原因

    浏览代码时,发现网关日志日志打印时候用的是无默认大小初始化值的linkhashmap对象,而打印网关日志代码为固定在map中放置15个项目,所以可以在新建对象的时候指定初始化map中对象个数为15,以节省内存和提高性能。

    复现步骤

    Uploading image.png… AccessLogFilter.java private void writeAccessLog(AccessLog gatewayLog) { Map<String, Object> values = new LinkedHashMap<>(); // 手工拼接,保证排序 values.put("userId", gatewayLog.getUserId()); values.put("userType", gatewayLog.getUserType()); values.put("routeId", gatewayLog.getRoute() != null ? gatewayLog.getRoute().getId() : null); values.put("schema", gatewayLog.getSchema()); values.put("requestUrl", gatewayLog.getRequestUrl()); values.put("queryParams", gatewayLog.getQueryParams().toSingleValueMap()); values.put("requestBody", JsonUtils.isJson(gatewayLog.getRequestBody()) ? // 保证 body 的展示好看 JSONUtil.parse(gatewayLog.getRequestBody()) : gatewayLog.getRequestBody()); values.put("requestHeaders", JsonUtils.toJsonString(gatewayLog.getRequestHeaders().toSingleValueMap())); values.put("userIp", gatewayLog.getUserIp()); values.put("responseBody", JsonUtils.isJson(gatewayLog.getResponseBody()) ? // 保证 body 的展示好看 JSONUtil.parse(gatewayLog.getResponseBody()) : gatewayLog.getResponseBody()); values.put("responseHeaders", gatewayLog.getResponseHeaders() != null ? JsonUtils.toJsonString(gatewayLog.getResponseHeaders().toSingleValueMap()) : null); values.put("httpStatus", gatewayLog.getHttpStatus()); values.put("startTime", DateUtil.format(gatewayLog.getStartTime(), NORM_DATETIME_MS_FORMAT)); values.put("endTime", DateUtil.format(gatewayLog.getEndTime(), NORM_DATETIME_MS_FORMAT)); values.put("duration", gatewayLog.getDuration() != null ? gatewayLog.getDuration() + " ms" : null); log.info("[writeAccessLog][网关日志:{}]", JsonUtils.toJsonPrettyString(values)); }

    报错信息

    enhancement 
    opened by maclong1989 2
  • 无token时如何进行的认证?

    无token时如何进行的认证?

    碰到问题,请在 https://github.com/YunaiV/yudao-cloud/issues 搜索是否存在相似的 issue。

    不按照模板提交的 issue,会被系统自动删除。

    基本信息

    • yudao-cloud 版本:1.6.2-snapshot
    • 操作系统:windows
    • 数据库:mysql

    请问如果请求头不携带token请求时,是如何鉴权的,我看这两个filter里面,cn.iocoder.yudao.gateway.filter.security.TokenAuthenticationFilter,cn.iocoder.yudao.framework.security.core.filter.TokenAuthenticationFilter,如果没有token都是直接过了,那不相当于没有认证也可以调用接口了吗?

    question 
    opened by WuXiaoYang1 2
  • 待确认修复的逻辑问题

    待确认修复的逻辑问题

    fork 的代码,梳理逻辑时,发现三个问题: 1: AdminServiceImpl.java updateAdmin() 方法 password参数未encodePassword存储,账号修改后无法登陆 2: updateAdminStatus() DISABLE 时会将当前用户token失效,应该是被更新的用户token失效,参数传错了 3: AdminErrorCodeEnum.java 账号被禁用 与 账号已经存在 状态码相同

    question 
    opened by wangrqsh 2
  • 多个committer代码规范不统一

    多个committer代码规范不统一

    首先感谢作者,这是一个非常好的springboot综合项目实例,能从工程中学到springboot,dubbo,微服务的知识。应用分层这篇文章中讲到项目结构的时候,讲到service层和controller层的入参都是DTO,但是实际代码中出现了PO的概念,例如UserAddressAddPO,在这里,应该和DTO是一个意思,建议统一一下

    question 
    opened by pingguoilove 2
  • Bump commons-net from 3.8.0 to 3.9.0 in /yudao-dependencies

    Bump commons-net from 3.8.0 to 3.9.0 in /yudao-dependencies

    Bumps commons-net from 3.8.0 to 3.9.0.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies java 
    opened by dependabot[bot] 1
  • Bump dubbo from 2.7.7 to 2.7.18 in /归档/mall-dependencies

    Bump dubbo from 2.7.7 to 2.7.18 in /归档/mall-dependencies

    Bumps dubbo from 2.7.7 to 2.7.18.

    Release notes

    Sourced from dubbo's releases.

    dubbo-2.7.18

    What's Changed

    Dependency Upgrade

    New Contributors

    Full Changelog: https://github.com/apache/dubbo/compare/dubbo-2.7.17...dubbo-2.7.18

    dubbo-2.7.17

    What's Changed

    Full Changelog: https://github.com/apache/dubbo/compare/dubbo-2.7.16...dubbo-2.7.17

    dubbo-2.7.16

    Feature

    Bugfix

    ... (truncated)

    Commits
    • fddf601 Merge branch 'apache-master' into 2.7.18-release
    • c676fb9 Fix PojoUtils support localdatetime,lcaldate,localtime serializable and deser...
    • 7f977e0 Update NOTICE
    • 1f66075 Prepare 2.7.18 release
    • 688177f [2.7] Update hessian version (#10630)
    • bcf9764 Fixes #9913, rmi protocol supoort group and version (#9951)
    • 81fabc7 Remove useless toString in Timeout Filter (#10531)
    • b5b478c update to 2.7.18-SNAPSHOT
    • d8f9768 Merge branch 'apache-master' into 2.7.17-release
    • 66e5d08 Fix pom configuration
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies java 
    opened by dependabot[bot] 1
  • 生成代码时,报错:Cause: java.sql.SQLException: Field 'table_id' doesn't have a default value,疑似mybatis-plus插入数据后,未返回主键

    生成代码时,报错:Cause: java.sql.SQLException: Field 'table_id' doesn't have a default value,疑似mybatis-plus插入数据后,未返回主键

    基本信息

    • yudao-cloud:
    • 操作系统:win10 ltsc 2021 64bit
    • 数据库:mysql 8.0

    你猜测可能的原因

    插入数据后未返回table.id codegenTableMapper.insert(table); 导致下一步table.id无值可用

           // 构建 CodegenColumnDO 数组,插入到 DB 中
        List<CodegenColumnDO> columns = codegenBuilder.buildColumns(table.getId(), tableInfo.getFields());
        // 如果没有主键,则使用第一个字段作为主键
        if (!tableInfo.isHavePrimaryKey()) {
            columns.get(0).setPrimaryKey(true);
        }
        codegenColumnMapper.insertBatch(columns);

    复现步骤

    第一步,进入后台管理系统,选择左侧“基础设施”菜单

    第二步,选择“代码生成”

    第三步,点击“导入”按钮,选择表后确定

    报错信息

    系统异常 图片

    Cause: java.sql.SQLException: Field 'table_id' doesn't have a default value

    ; Field 'table_id' doesn't have a default value; nested exception is java.sql.SQLException: Field 'table_id' doesn't have a default value at org.springframework.jdbc.support.SQLErrorCodeSQLExceptionTranslator.doTranslate(SQLErrorCodeSQLExceptionTranslator.java:251) at org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:70) at org.mybatis.spring.MyBatisExceptionTranslator.translateExceptionIfPossible(MyBatisExceptionTranslator.java:91) at org.mybatis.spring.SqlSessionTemplate$SqlSessionInterceptor.invoke(SqlSessionTemplate.java:441) at com.sun.proxy.$Proxy205.insert(Unknown Source) at org.mybatis.spring.SqlSessionTemplate.insert(SqlSessionTemplate.java:272) at com.baomidou.mybatisplus.core.override.MybatisMapperMethod.execute(MybatisMapperMethod.java:59) at com.baomidou.mybatisplus.core.override.MybatisMapperProxy$PlainMethodInvoker.invoke(MybatisMapperProxy.java:148) at com.baomidou.mybatisplus.core.override.MybatisMapperProxy.invoke(MybatisMapperProxy.java:89) at com.sun.proxy.$Proxy232.insert(Unknown Source) at java.util.ArrayList.forEach(ArrayList.java:1259)

    opened by lymansix 1
  • Bump dubbo from 2.7.7 to 2.7.15 in /归档/mall-dependencies

    Bump dubbo from 2.7.7 to 2.7.15 in /归档/mall-dependencies

    Bumps dubbo from 2.7.7 to 2.7.15.

    Release notes

    Sourced from dubbo's releases.

    dubbo-2.7.15

    Bugfix

    • dubbo-spring-boot-actuator compatible with Spring Boot Actuator 2.6.x
    • Check before use to avoid possible NPE in MetadataInfo
    • Fix DubboConfigEarlyInitializationPostProcessor registered twice in Spring Framework
    • Fix issue where dead connections would not be reconnected
    • Fix netty server ssl context file leak
    • Fix potential NPE in URLBuilder.java
    • Make the warm-up process smoother
    • Reset the client value of LazyConnectExchangeClient after close
    • Fix StringIndexOutOfBoundsException at addParam
    • Change default step to FORCE_INTERFACE

    Dependency Upgrade

    • Upgrade log4j2 version: 2.11.1 -> 2.17.0
    • Upgrade Hessian Lite version: 3.2.11 -> 3.2.12
    • Upgrade to jedis: 3.6.0 -> 3.7.0
    • Upgrade jetcd: 0.5.3 -> 0.5.7
    • Upgrade xstream version: 1.4.10 -> 1.4.12
    • Upgrade curator version: 4.0.1 -> 4.2.0

    dubbo-2.7.14

    Change Lists

    • add Dynamic Configuration Override Support For ServiceDiscovery. (#8389)
    • fix mock parameters doesn't work when it contain ':' or '='. (#8379)
    • fix the issue of taking the zone parameter value in ZoneAwareClusterInvoker. (#8521)
    • add the switch for check class is in serialize white list , default is true. (#8537)
    • fix NPE on serialization checking when request timed out. (#8587)
    • fix NetUtils.ignoreNetworkInterface can't process network card name contains '(' symbol. (#8629)
    • unify the way of getting local address. (#8679)
    • fix retries param didn't work well when it is 0. (#8743)
    • close client immediately when destroy unused invoker. (#8756)
    • fix destroy IllegalStateException and doOverrideIfNecessary NPE. (#8683)
    • show message according to log level when DefaultFuture.closeChannel. (#8778)
    • use MapUtils instead of AttachmentsAdapter. (#8772)

    Dependency Changes

    • netty4: 4.1.51.Final -> 4.1.66.Final
    • netty4_ssl: 2.0.39.Final -> 2.0.40.Final
    • http_client: 4.5.3 -> 4.5.13
    • jetty: 9.4.11.v20180605 -> 9.4.43.v20210629
    • apollo_client: 1.1.1 -> 1.8.0
    • tomcat_embed: 8.5.31-> 9.0.48
    • commons_io: 2.6 -> 2.7
    • curator: 5.0.0 -> 5.1.0
    • hessian_lite: 3.2.8 -> 3.2.11

    dubbo-2.7.13

    ... (truncated)

    Commits
    • 767620a [2.7] Prepare Dubbo 2.7.15 Release
    • 0d9b094 [2.7] Fix pond ignore in URLStrParser (#9465)
    • 55672e4 [2.7] Update Hessian Lite version (#9456)
    • 8cc9579 upgrade log4j2 version to 2.17.0 (#9444)
    • 63e714a dubbo-spring-boot-actuator compatible with Spring Boot Actuator 2.6.x (#9394)...
    • daeeeb7 upgrade log4j2 to 2.16.0 (#9433)
    • 578bfcb Improve the readability of the getOrder method (#9361)
    • 1296ff8 [master] Optimize some code for DubboConfigEarlyRegistrationPostProcessor (#9...
    • c0b7f95 Check before use to avoid possible NPE in MetadataInfo (#9420)
    • 9cfb1ae Fix DubboConfigEarlyInitializationPostProcessor registered twice in Spring Fr...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump mysql-connector-java from 5.1.46 to 8.0.28 in /归档/mall-dependencies

    Bump mysql-connector-java from 5.1.46 to 8.0.28 in /归档/mall-dependencies

    Bumps mysql-connector-java from 5.1.46 to 8.0.28.

    Changelog

    Sourced from mysql-connector-java's changelog.

    Changelog

    https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/

    Version 8.0.29

    • Fix for Bug#21978230, COMMENT PARSING NOT PROPER IN PREPSTMT.EXECUTEBATCH().

    • Fix for Bug#81468 (23312764), MySQL server fails to rewrite batch insert when column name contains word select.

    • Fix for Bug#106435 (33850099), 8.0.28 Connector/J has regressive in setAutoCommit after Bug#104067 (33054827).

    • Fix for Bug#106240 (33781440), StringIndexOutOfBoundsException when VALUE is at the end of the query.

    • Fix for Bug#106397 (33893591), Contribution: fix: fix LocalizedErrorMessages.properties doc: less then -> ... Thanks to Jianjian Song for his contribution.

    • Fix for Bug#77924 (25710160), JDBC SOCKS SHOULD NOT PERFORM LOCAL DNS RESOLUTION.

    • Fix for Bug#82084 (23743938), YEAR DATA TYPE RETURNS INCORRECT VALUE FOR JDBC GETCOLUMNTYPE().

    • Fix for Bug#106441 (33850155), Add charset mapping for utf8mb3.

    • WL#15048, Upgrade Protocol Buffers dependency to protobuf-java-3.19.4.

    • Fix for Bug#106065 (33726184) Contribution: BigDecimal.toPlainString no need to check decimal exponent. Thanks to Baoyi Chen for his contribution.

    • Fix for Bug#106171 (33757217), Contribution: Remove unnecessary boxing in ResultSetImpl. Thanks to Ningpp Ning for his contribution.

    • Fix for Bug#25701740, STMT EXECUTION FAILS FOR REPLICATION CONNECTION WHEN USECURSORFETCH=TRUE.

    • Fix for Bug#33723611, getDefaultTransactionIsolation must return repeatable read.

    • Fix for Bug#38954 (11749415), DATA TRUNCATION WHILE USING BIT(1) IN STORED PROCEDURE WITH INOUT TYPE.

    • Fix for Bug#85317 (25672958), EXECUTE BATCH WILL THROW NULL POINTER EXCEPTION WHERE THE COLUMN IS BLOB!

    • Fix for Bug#105915 (33678490), Connector/J 8 server prepared statement precision loss in execute batch.

    • Fix for Bug#104349 (33563548), com.mysql.cj NPE.

    • Fix for Bug#62006 (16714956), JAVA.IO.NOTSERIALIZABLEEXCEPTION: JAVA.IO.STRINGREADER WHEN PROFILESQL=TRUE.

    • WL#14750, Better unification of query bindings.

    • WL#14834, Support for FIDO authentication.

    • WL#14835, Align TLS option checking across connectors.

    ... (truncated)

    Commits
    • 7ff2161 Updating copyright years
    • b13af38 Fix for DateTimeTest according to changes in MySQL server.
    • 5c7b775 Update in test for Bug#96900 (30355150).
    • e1169ee Fix for Bug#99260 (31189960), statement.setQueryTimeout,creates a database co...
    • 05778ef Fix for Bug#103324 (32770013), X DevAPI Collection.replaceOne() missing match...
    • 48219f2 Fix for Bug#105197 (33461744), Statement.executeQuery() may return non-naviga...
    • 24cf7e2 Fix for Bug#105323 (33507321), README.md contains broken links.
    • ad46620 Fix for Bug#96900 (30355150), STATEMENT.CANCEL()CREATE A DATABASE
    • 4d19ea1 Fix for Bug#104067 (33054827), No reset autoCommit after unknown issue occurs.
    • bc45d35 Fix for Bug#85223 (25656020), MYSQLSQLXML SETSTRING CRASH.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump xxl-job-core from 2.2.0 to 2.3.0 in /归档/mall-dependencies

    Bump xxl-job-core from 2.2.0 to 2.3.0 in /归档/mall-dependencies

    Bumps xxl-job-core from 2.2.0 to 2.3.0.

    Release notes

    Sourced from xxl-job-core's releases.

    XXL-JOB v2.3.0,分布式任务调度平台

    Release Notes

    • 1、【新增】调度过期策略:调度中心错过调度时间的补偿处理策略,包括:忽略、立即补偿触发一次等;
    • 2、【新增】触发策略:除了常规Cron、API、父子任务触发方式外,新增提供 "固定间隔触发、(固定延时触发,实验中)" 新触发方式;
    • 3、【新增】新增任务辅助工具 "XxlJobHelper":提供统一任务辅助能力,包括:任务上下文信息维护获取(任务参数、任务ID、分片参数)、日志输出、任务结果设置……等;
      • 3.1、"ShardingUtil" 组件废弃:改用 "XxlJobHelper.getShardIndex()/getShardTotal();" 获取分片参数;
      • 3.2、"XxlJobLogger" 组件废弃:改用 "XxlJobHelper.log" 进行日志输出;
    • 4、【优化】任务核心类 "IJobHandler" 的 "execute" 方法取消出入参设计。改为通过 "XxlJobHelper.getJobParam" 获取任务参数并替代方法入参,通过 "XxlJobHelper.handleSuccess/handleFail" 设置任务结果并替代方法出参,示例代码如下;
    @XxlJob("demoJobHandler")
public void execute() {
  String param = XxlJobHelper.getJobParam();    // 获取参数
  XxlJobHelper.handleSuccess();                 // 设置任务结果
}
    • 5、【优化】Cron编辑器增强:Cron编辑器修改cron时可实时查看最近运行时间;
    • 6、【优化】执行器示例项目规范整理;
    • 7、【优化】任务调度生命周期重构:调度(schedule)、触发(trigger)、执行(handle)、回调(callback)、结束(complete);
    • 8、【优化】执行器注册组件优化:注册逻辑调整为异步方式,提高注册性能;
    • 9、【优化】执行器鉴权校验:执行器启动时主动校验accessToken,为空则主动Warn告警;(已规划安全强化:AccessToken动态生成、动态启停等)
    • 10、【优化】邮箱告警配置优化:将"spring.mail.from"与"spring.mail.username"属性拆分开,更加灵活的支持一些无密码邮箱服务;
    • 11、【优化】多个项目依赖升级至较新稳定版本,如netty、groovy、spring、springboot、mybatis等;
    • 12、【优化】UI组件常规升级,提升组件稳定性;
    • 13、【优化】调度中心页面交互优化:用户管理模块密码列取消;多处表达autocomplete取消;执行器管理模块XSS拦截校验等;
    • 14、【优化】调度中心任务状态探测慢SQL问题优化;
    • 15、【修复】GLUE-Java模式任务,init/destroy无法执行问题修复;
    • 16、【修复】Cron编辑器问题修复:修复小概率情况下cron单个字段修改时导致其他字段被重置问题;
    • 17、【修复】通用HTTP任务Handler(httpJobHandler)优化:修复 "setDoOutput(true)" 导致任务请求GetMethod失效问题;
    • 18、【修复】执行器Commandhandler示例任务优化,修复极端情况下脚本进程挂起问题;
    • 19、【修复】调度通讯组件优化,修复RestFul方式调用 DotNet 版本执行器时心跳检测失败问题;
    • 20、【修复】调度中心远程执行日志查询乱码问题修复;
    • 21、【修复】调度中心组件加载顺序优化,修复极端情况下调度组件初始慢导致的调度失败问题;
    • 22、【修复】执行器注册线程优化,修复极端情况下初始化失败时导致NPE问题;
    • 23、【修复】调度线程连接池优化,修复连接有效性校验超时问题;
    • 24、【修复】执行器注册表字段优化,解决执行器注册节点过多导致注册信息存储和更新失败的问题;
    • 25、【修复】轮训路由策略优化,修复小概率下并发问题;
    • 26、【修复】页面redirect跳转后https变为http问题修复;
    • 27、【修复】执行器日志清理优化,修复小概率下日志文件为空导致清理异常问题;
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • 功能增加-不是bug

    功能增加-不是bug

    碰到问题,请在 https://github.com/YunaiV/yudao-cloud/issues 搜索是否存在相似的 issue。

    不按照模板提交的 issue,会被系统自动删除。

    基本信息

    我在自己的项目中,实现了一个字段级别权限管理,这个项目中是否需要添加进来

    相关设计 知识库权限业务设计.pdf

    • ruoyi-vue-pro 版本:
    • 操作系统:
    • 数据库:

    你猜测可能的原因

    系统功能增加

    复现步骤

    报错信息

    opened by glide-the 1
Owner
芋道源码
愿半生编码,如一生老友!
芋道源码
GitHub
newbee-mall 项目(新蜂商城)是一套电商系统,包括 newbee-mall 商城系统及 newbee-mall-admin 商城后台管理系统,基于 Spring Boot 2.X 及相关技术栈开发。 前台商城系统包含首页门户、商品分类、新品上线、首页轮播、商品推荐、商品搜索、商品展示、购物车、订单结算、订单流程、个人订单管理、会员中心、帮助中心等模块。 后台管理系统包含数据面板、轮播图管理、商品管理、订单管理、会员管理、分类管理、设置等模块。

newbee-mall 项目是一套电商系统,包括 newbee-mall 商城系统及 newbee-mall-admin 商城后台管理系统,基于 Spring Boot 2.X 及相关技术栈开发。 前台商城系统包含首页门户、商品分类、新品上线、首页轮播、商品推荐、商品搜索、商品展示、购物车、订单结算

newbee-ltd 9.6k Jan 5, 2023
一个涵盖六个专栏:Spring Boot 2.X、Spring Cloud、Spring Cloud Alibaba、Dubbo、分布式消息队列、分布式事务的仓库。希望胖友小手一抖,右上角来个 Star,感恩 1024

友情提示:因为提供了 50000+ 行示例代码,所以艿艿默认注释了所有 Maven Module。 胖友可以根据自己的需要,修改 pom.xml 即可。 一个涵盖六个主流技术栈的正经仓库: 《Spring Boot 专栏》 《Spring Cloud Alibaba 专栏》 《Spring Clou

芋道源码 15.7k Dec 31, 2022
循序渐进,学习Spring Boot、Spring Boot & Shiro、Spring Batch、Spring Cloud、Spring Cloud Alibaba、Spring Security & Spring Security OAuth2,博客Spring系列源码:https://mrbird.cc

Spring 系列教程 该仓库为个人博客https://mrbird.cc中Spring系列源码,包含Spring Boot、Spring Boot & Shiro、Spring Cloud,Spring Boot & Spring Security & Spring Security OAuth2

mrbird 24.8k Jan 6, 2023
Spring Cloud Alibaba provides a one-stop solution for application development for the distributed solutions of Alibaba middleware.

Spring Cloud Alibaba A project maintained by Alibaba. See the 中文文档 for Chinese readme. Spring Cloud Alibaba provides a one-stop solution for distribut

Alibaba 24.4k Jan 1, 2023
Apache/Alibaba Dubbo <= 2.7.3 PoC Code for CVE-2021-25641 RCE via Deserialization of Untrusted Data; Affects Versions <= 2.7.6 With Different Gadgets

The 0xDABB of Doom - CVE-2021-25641-Proof-of-Concept Apache/Alibaba Dubbo <= 2.7.3 PoC Code for CVE-2021-25641 RCE via Deserialization of Untrusted Da

Dor Tumarkin 51 Apr 24, 2022
该仓库中主要是 Spring Boot 的入门学习教程以及一些常用的 Spring Boot 实战项目教程,包括 Spring Boot 使用的各种示例代码,同时也包括一些实战项目的项目源码和效果展示,实战项目包括基本的 web 开发以及目前大家普遍使用的线上博客项目/企业大型商城系统/前后端分离实践项目等,摆脱各种 hello world 入门案例的束缚,真正的掌握 Spring Boot 开发。

Spring Boot Projects 该仓库中主要是 Spring Boot 的入门学习教程以及一些常用的 Spring Boot 实战项目教程,包括 Spring Boot 使用的各种示例代码,同时也包括一些实战项目的项目源码和效果展示,实战项目包括基本的 web 开发以及目前大家普遍使用的前

十三 4.5k Dec 30, 2022
企业级 Spring Cloud Alibaba 微服务脚手架,nacos 配置中心、Oauth2认证与鉴权、Docker 容器化部署,开发环境一键式脚本安装,10分钟即可构建

云龙 Cloud Dragon 适合于企业级别的微服务开发脚手架,功能齐全,开箱即用,部署快捷 目前项目处于开发阶段,部分功能已经可以使用,后续会逐步完成其他规划内容,并完善项目文档,如果你在使用过程中遇到任何问题,可以通过 QQ 群聊联系我,请戳这里 加入群聊。 ?? 项目介绍 Cloud Dra

chenxiaolong 17 Dec 19, 2022
Alibaba Cloud Dedicated KMS Transfer SDK for Java can help Java developers to migrate from the KMS keys to the Dedicated KMS keys.

Alibaba Cloud Dedicated KMS Transfer SDK for Java Alibaba Cloud Dedicated KMS Transfer SDK for Java can help Java developers to migrate from the KMS k

Alibaba Cloud 3 May 12, 2022
Demo microservice architecture with Spring ,Spring Cloud Gateway , Spring Cloud config server , Eureuka , keycloak and Docker.

spring-microservice Demo microservice architecture with Spring ,Spring Cloud Gateway , Spring Cloud config server , Eureuka , keycloak and Docker. Arc

null 4 Sep 13, 2022
:herb: 基于springboot的快速学习示例,整合自己遇到的开源框架,如:rabbitmq(延迟队列)、Kafka、jpa、redies、oauth2、swagger、jsp、docker、spring-batch、异常处理、日志输出、多模块开发、多环境打包、缓存cache、爬虫、jwt、GraphQL、dubbo、zookeeper和Async等等:pushpin:

欢迎大家留言和PR~ Tip: 技术更新换代太快,本仓库仅做参考,自己的项目具体使用哪个版本还需谨慎思考~(不推荐使用最新的版本,推荐使用(最新-1|2)的版本,会比较稳定) spring-boot-quick 前言   自己很早就想搞一个总的仓库就是将自己平时遇到的和学习到的东西整合在一起,方便后

wangxc 2.1k Jan 2, 2023
A high availability shopping(ecommerce) system using SpringBoot, Spring Cloud, Eureka Server, Spring Cloud Gateway, resillience4j, Kafka, Redis and MySQL.

High-availability-shopping-system A high availability shopping(ecommerce) system using SpringBoot, Spring Cloud, Eureka Server, Spring Cloud Gateway,

LeiH 1 Oct 26, 2022
A simple implementation of the Dubbo protocol.

Codec-dubbo Codec-dubbo is a binary codec framework for dubbo protocol Features Fully compatible with Dubbo protocol Completely rewritten based on Net

ESA Stack 13 Nov 21, 2022
A dubbo gateway based Java language.

A dubbo gateway based Java language.

老夫正年轻 19 Sep 24, 2022
A spring cloud infrastructure provides various of commonly used cloud components and auto-configurations for high project consistency

A spring cloud infrastructure provides various of commonly used cloud components and auto-configurations for high project consistency.

Project-Hephaestus 2 Feb 8, 2022
Spring boot microservice example with Eureka Server + Eureka Client + Spring Cloud API Gateway + OAuth2.0 + Circuit Breaker + Resilience4J + FeignClient + RestTemplate

Spring boot microservice example Spring boot microservice example with Eureka Server + Eureka Client + Spring Cloud API Gateway + OAuth2.0 + Circuit B

Subhash Lamba 47 Dec 29, 2022
Microservice Architecture with Spring Boot, Spring Cloud and Docker

Piggy Metrics Piggy Metrics is a simple financial advisor app built to demonstrate the Microservice Architecture Pattern using Spring Boot, Spring Clo

Alexander Lukyanchikov 12.1k Jan 1, 2023
Spring Boot microservices app with Spring Cloud, Robust and resilient backend managing e-Commerce app

e-Commerce-boot μServices Important Note: This project's new milestone is to move The whole system to work on Kubernetes, so stay tuned. Introduction

Selim Horri 65 Dec 23, 2022
Sample Spring-Cloud-Api-Gateway Project of Spring Boot

Sample-Spring-Cloud-Api-Gateway Sample Spring-Cloud-Api-Gateway Project of Spring Boot Proejct Stack Spring Webflux Spring Cloud Gateway Spring Data R

Seokhyun 2 Jan 17, 2022
Hcode Online Judge(HOJ):An open source online judge system base on SpringBoot, Springcloud Alibaba and Vue.js !

Hcode Online Judge(HOJ) 前言 基于前后端分离,分布式架构的在线测评平台(hoj),前端使用vue,后端主要使用springboot,redis,mysql,nacos等技术。 在线Demo:https://hdoi.cn 在线文档:https://www.hcode.top/

Himit_ZH 179 Dec 31, 2022