A strongly consistent distributed transaction framework

dromara

Last update: Jan 3, 2023

Overview

Raincat

A strongly consistent distributed transaction framework

Modules

raincat-admin: Transaction log management background
raincat-annotation : Framework common annotation
raincat-common : Framework common class
raincat-core : Framework core package (annotation processing, log storage...)
raincat-dashboard : Management background front-end
raincat-dubbo : Support for the dubbo framework Less than 2.7 version
raincat-motan : Support for the motan rpc framework
raincat-springcloud : Support for the spring cloud rpc framework
raincat-spring-boot-starter : Support for the spring boot starter
raincat-sample : Examples using the raincat framework

Features

All spring versions are supported and Seamless integration
Provides support for the springcloud dubbo motan RPC framework
Provides integration of the spring boot starter approach
Support Nested transaction
Local transaction storage support : redis mongodb zookeeper file mysql
Transaction log serialization support : java hessian kryo protostuff
Spi extension : Users can customize the storage of serialization and transaction logs

Transaction Role

Transaction starter : @TxTransaction for The entry point of the first section
Transaction participant : Rpc invoker in the method (Add @TxTransaction)
Transaction coordinator : Coordinate the rollback of commit transactions

Raincat-Manager

It is the coordinator of the transaction and USES netty communication framework to communicate with participants and initiators.

Use eureka as a registry to support cluster deployment.

Use redis to store transaction information.

It has to start early.

Prerequisite

You must use jdk1.8 +
You must be a user of the spring framework
You must use one of the dubbo, motan, and springcloud RPC frameworks

About

raincat is A strongly consistent distributed transaction framework.

Good concurrency support, blocking spring transaction thread commit.

When the execution of the slice is complete and there is no exception,

the submission command is sent asynchronously by the coordinator to achieve strong consistency.

If you want to use it or get a quick look at it. Quick Start

Stargazers

Flow

Support

Comments

如何使用集群

两台 tx-manager 分别是
172.20.101.46:8761; 172.20.101.93:8761;
nginx 172.20.101.93:9761;
使用文档中提供的demo,只是修改applicationContext.xml里的<property name="txManagerUrl" value="http://172.20.101.93:9761"/>
测试,停掉一台tx-manager 客户端

2018-12-16 12:57:53.618  INFO 7172 --- [anagerLocator-1] o.d.r.c.service.impl.TxManagerLocator    : refresh updateTxManagerServices delayTime:60
2018-12-16 12:57:59.593 DEBUG 7172 --- [ntLoopGroup-3-7] o.d.r.c.n.h.NettyClientMessageHandler    : send tx manager heart beat!
2018-12-16 12:57:59.595 DEBUG 7172 --- [ntLoopGroup-3-7] o.d.r.c.n.h.NettyClientMessageHandler    : receive tx manage info :心跳
2018-12-16 12:58:09.594 DEBUG 7172 --- [ntLoopGroup-3-7] o.d.r.c.n.h.NettyClientMessageHandler    : send tx manager heart beat!
2018-12-16 12:58:09.595 DEBUG 7172 --- [ntLoopGroup-3-7] o.d.r.c.n.h.NettyClientMessageHandler    : receive tx manage info :心跳
2018-12-16 12:58:19.594 DEBUG 7172 --- [ntLoopGroup-3-7] o.d.r.c.n.h.NettyClientMessageHandler    : send tx manager heart beat!
2018-12-16 12:58:19.595 DEBUG 7172 --- [ntLoopGroup-3-7] o.d.r.c.n.h.NettyClientMessageHandler    : receive tx manage info :心跳

tx-manager

2018-12-16 12:59:48.699 DEBUG 1805 --- [ntLoopGroup-6-3] o.d.r.m.n.h.NettyServerMessageHandler    : receive client date this action:心跳
2018-12-16 12:59:49.181 DEBUG 1805 --- [ntLoopGroup-6-1] o.d.r.m.n.h.NettyServerMessageHandler    : receive client date this action:心跳
2018-12-16 12:59:49.298  INFO 1805 --- [a-EvictionTimer] c.n.e.registry.AbstractInstanceRegistry  : Running the evict task with compensationTime 1ms
2018-12-16 12:59:49.624 DEBUG 1805 --- [ntLoopGroup-6-2] o.d.r.m.n.h.NettyServerMessageHandler    : receive client date this action:心跳

再访问pay项目的swagger-ui里的save方法

{
  "timestamp": "2018-12-16T04:52:49.140+0000",
  "status": 500,
  "error": "Internal Server Error",
  "message": "TxManager connection ex！",
  "path": "/pay-service/pay/orderPay"
}

nginx的配置



worker_processes  1;

events {
    worker_connections  1024;
}


http {

     map $http_upgrade $connection_upgrade {
        default upgrade;
        ''      close;
    }

    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    upstream hi-linux-01.com {
        server 172.20.101.46:8761;
        server 172.20.101.93:8761;
    }

    server {
        listen       9761;
        server_name  172.20.101.94;

        location / {
              proxy_pass http://hi-linux-01.com;
              proxy_set_header Upgrade $http_upgrade;
              proxy_set_header Connection $connection_upgrade;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}

配置注册中心

eureka:
 client:
     serviceUrl:
       defaultZone: http://172.20.101.93:8761/eureka/,http://172.20.101.46:8761/eureka/

opened by aaaaaaanthony 3

raincat-admin 登录404

配置 application.yml

server:
   port: 8888
#   context-path: /admin

spring:
   application:
      name: raincat-admin
   profiles:
     active: db

tx:
  admin :
    userName : admin
    password : admin
  redis:
    hostName: localhost
    port : 6379
    #password:
    cluster : false
      # nodes: 127.0.0.1:70001;127.0.1:7002
      # redirects: 20

accept:
  apps:
    server:
      type[0]: property
      type[1]: eureka
      type[2]: unaccept
    eureka:
      url: http://localhost:9003/eureka
      intervalTime: 30

application-db.yml

recover:
   application:
      list : alipay-service,wechat-service,pay-service
   serializer :
      support: kryo
   retry :
      max: 10
   db:
      driver :  com.mysql.jdbc.Driver
      url: jdbc:mysql://172.20.100.205:3306/tx?useUnicode=true&amp;characterEncoding=utf8
      username: root
      password: root

opened by aaaaaaanthony 2

Bump loader-utils and html-webpack-plugin in /raincat-dashboard
Bumps loader-utils to 1.4.1 and updates ancestor dependency html-webpack-plugin. These dependencies need to be updated together.

Updates loader-utils from 1.1.0 to 1.4.1

Release notes

Sourced from loader-utils's releases.

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

v1.4.0

1.4.0 (2020-02-19)

Features

the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

v1.3.0

1.3.0 (2020-02-19)

Features

support the [query] template for the interpolatedName method (#162) (469eeba)

v1.2.3

1.2.3 (2018-12-27)

Bug Fixes

interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

v1.2.2

1.2.2 (2018-12-27)

Bug Fixes

fixed a hash type extracting in interpolateName (#137) (f8a71f4)

v1.2.1

1.2.1 (2018-12-25)

... (truncated)

Changelog

Sourced from loader-utils's changelog.

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

1.4.0 (2020-02-19)

Features

the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

1.3.0 (2020-02-19)

Features

support the [query] template for the interpolatedName method (#162) (469eeba)

1.2.3 (2018-12-27)

Bug Fixes

interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

1.2.2 (2018-12-27)

Bug Fixes

fixed a hash type extracting in interpolateName (#137) (f8a71f4)

1.2.1 (2018-12-25)

... (truncated)

Commits

8f082b3 chore(release): 1.4.1

4504e34 fix: security problem (#220)

d95b8b5 chore(release): 1.4.0

cd0e428 feat: the resourceQuery is passed to the interpolateName method (#163)

06d36cf chore(release): 1.3.0

469eeba feat: support the [query] template for the interpolatedName method (#162)

909c99d chore: funding.yml config and CI fix (#159)

b5b74f0 Set up CI with Azure Pipelines

7970c48 docs: small grammar change (#144)

b91a76c chore(release): 1.2.3

Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for loader-utils since your current version.

Updates html-webpack-plugin from 2.30.1 to 5.5.0

Changelog

Sourced from html-webpack-plugin's changelog.

5.5.0 (2021-10-25)

Features

Support type=module via scriptLoading option (1e42625), closes #1663

5.4.0 (2021-10-15)

Features

update terser (9c7fba0

5.3.2 (2021-06-22)

Bug Fixes

update lodash and pretty error (9c7fba0

5.3.1 (2021-03-09)

Bug Fixes

remove loader-utils from plugin core (82d0ee8)

5.3.0 (2021-03-07)

Features

allow to modify the interpolation options in webpack config (d654f5b)

drop loader-utils dependency (41d7a50)

5.2.0 (2021-02-19)

Features

improve ssr (73d2a66)

5.1.0 (2021-02-12)

Features

omit html tag attribute with null/undefined/false value (aa6e78d), closes #1598

5.0.0 (2021-02-03)

... (truncated)

Commits

873d75b chore(release): 5.5.0

ddeb774 chore: update examples

1e42625 feat: Support type=module via scriptLoading option

7d3645b Bump pretty-error to 4.0.0 to fix transitive vuln for ansi-regex CVE-2021-3807

79be779 [chore] changes actions to run on pull_requests

b7e5859 [chore] fixes CI to avoid race conditions

48131d3 chore(release): 5.4.0

16a841a [chore] rebuild examples

3bb7c17 Update index.js

e38ac97 Update index.js

Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jantimon, a new releaser for html-webpack-plugin since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 1
Bump spring-core from 5.0.7.RELEASE to 5.3.19
Bumps spring-core from 5.0.7.RELEASE to 5.3.19.

Release notes

Sourced from spring-core's releases.

v5.3.19

:star: New Features

Remove DNS lookups during websocket connection initiation #28280

Add application/graphql+json Media type and MIME type constants #28271

Fix debug log for no matching acceptableTypes #28116

Provide support for post-processing a LocalValidatorFactoryBean's validator Configuration without requiring sub-classing #27956

:lady_beetle: Bug Fixes

Improve documentation and matching algorithm in data binders #28333

NotWritablePropertyException when attempting to declaratively configure ClassLoader properties #28269

BeanPropertyRowMapper's support for direct column name matches is missing in DataClassRowMapper #28243

AbstractListenerReadPublisher does not call ServletOutputStream::isReady() when reading chunked data across network packets #28241

ResponseEntity objects are accumulated in ConcurrentReferenceHashMap #28232

Lambda proxy generation fix causes BeanNotOfRequiredTypeException #28209

CodeGenerationException thrown when using AnnotationMBeanExporter on JDK 17 #28138

:hammer: Dependency Upgrades

Upgrade to Reactor 2020.0.18 #28329

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

@GatinMI

v5.3.18

:star: New Features

Restrict access to property paths on Class references #28261

Introduce cancel(boolean mayInterruptIfRunning) in ScheduledTask #28233

:lady_beetle: Bug Fixes

Move off deprecated API in SessionTransactionData #28234

:notebook_with_decorative_cover: Documentation

Introduce warnings in documentation of SerializationUtils #28246

Update copyright date in reference manual #28237

@Transactional test does not execute all JPA lifecycle callback methods #28228

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

@izeye

@quaff

... (truncated)

Commits

cedb587 Release v5.3.19

a7cf19c Improve documentation and matching algorithm in data binders

0cf7f7b Polishing

949c3d4 Align plain accessor check

3b4ae7b TomcatHttpHandlerAdapter continues after 0 bytes

8b39698 Upgrade to Reactor 2020.0.18

6fad00e Ensure dynamic proxy with AOP introduction includes lambda interfaces

5f6d8df Introduce isLambdaClass() as a public utility in ClassUtils

35de7e1 Introduce initializer callback for Bean Validation Configuration

10e979e Polishing

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies java
opened by dependabot[bot] 1
Bump spring-webmvc from 5.0.7.RELEASE to 5.3.18
Bumps spring-webmvc from 5.0.7.RELEASE to 5.3.18.

Release notes

Sourced from spring-webmvc's releases.

v5.3.18

:star: New Features

Restrict access to property paths on Class references #28261

Introduce cancel(boolean mayInterruptIfRunning) in ScheduledTask #28233

:lady_beetle: Bug Fixes

Move off deprecated API in SessionTransactionData #28234

:notebook_with_decorative_cover: Documentation

Introduce warnings in documentation of SerializationUtils #28246

Update copyright date in reference manual #28237

@Transactional test does not execute all JPA lifecycle callback methods #28228

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

@izeye

@quaff

v5.3.17

:star: New Features

Using DataClassRowMapper causes "No property found for column" debug messages in logs #28179

Improve diagnostics in SpEL for large array creation #28145

Support custom HTTP status in client-side REST testing support #28105

AsyncRestTemplate logging too verbose #28049

:lady_beetle: Bug Fixes

java.lang.NoClassDefFoundError: org/springframework/cglib/beans/BeanMapEmitter #28110

CronExpression fails to calculate properly next execution when running on the day of winter daylight saving time #28095

Private init/destroy method may be invoked twice #28083

MappingJacksonValue and Jackson2CodecSupport#registerObjectMappersForType do not work together #28045

SpEL fails to recover from error during MIXED mode compilation #28043

When returning a ResponseEntity with a Flux while the function is suspended, it fails to encode the body #27809

:notebook_with_decorative_cover: Documentation

Improve documentation for @EnabledIf and @DisabledIf test support #28157

Links to Spring Security are broken in the reference guide #28135

Document that transaction rollback rules may result in unintentional matches #28125

Improve documentation for TestContext events #27757

Clarify behavior for generics support in BeanUtils.copyProperties #27259

:hammer: Dependency Upgrades

... (truncated)

Commits

707a24c Release v5.3.18

002546b Refine PropertyDescriptor filtering

1627f57 Disable flaky integration tests for now

3811cd4 Introduce warnings in documentation of SerializationUtils

d927e37 Add "Testing ORM entity lifecycle callbacks" note to Testing chapter

1d302bf Introduce tests for gh-28228

4b150fd Update copyright date in reference manual

3a6016d Merge pull request #28238 from izeye

135506f Update copyright year of EvaluationTests

cb36ca3 Upgrade to ASM master

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies java
opened by dependabot[bot] 1
Bump spring-core from 5.0.7.RELEASE to 5.3.18
Bumps spring-core from 5.0.7.RELEASE to 5.3.18.

Release notes

Sourced from spring-core's releases.

v5.3.18

:star: New Features

Restrict access to property paths on Class references #28261

Introduce cancel(boolean mayInterruptIfRunning) in ScheduledTask #28233

:lady_beetle: Bug Fixes

Move off deprecated API in SessionTransactionData #28234

:notebook_with_decorative_cover: Documentation

Introduce warnings in documentation of SerializationUtils #28246

Update copyright date in reference manual #28237

@Transactional test does not execute all JPA lifecycle callback methods #28228

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

@izeye

@quaff

v5.3.17

:star: New Features

Using DataClassRowMapper causes "No property found for column" debug messages in logs #28179

Improve diagnostics in SpEL for large array creation #28145

Support custom HTTP status in client-side REST testing support #28105

AsyncRestTemplate logging too verbose #28049

:lady_beetle: Bug Fixes

java.lang.NoClassDefFoundError: org/springframework/cglib/beans/BeanMapEmitter #28110

CronExpression fails to calculate properly next execution when running on the day of winter daylight saving time #28095

Private init/destroy method may be invoked twice #28083

MappingJacksonValue and Jackson2CodecSupport#registerObjectMappersForType do not work together #28045

SpEL fails to recover from error during MIXED mode compilation #28043

When returning a ResponseEntity with a Flux while the function is suspended, it fails to encode the body #27809

:notebook_with_decorative_cover: Documentation

Improve documentation for @EnabledIf and @DisabledIf test support #28157

Links to Spring Security are broken in the reference guide #28135

Document that transaction rollback rules may result in unintentional matches #28125

Improve documentation for TestContext events #27757

Clarify behavior for generics support in BeanUtils.copyProperties #27259

:hammer: Dependency Upgrades

... (truncated)

Commits

707a24c Release v5.3.18

002546b Refine PropertyDescriptor filtering

1627f57 Disable flaky integration tests for now

3811cd4 Introduce warnings in documentation of SerializationUtils

d927e37 Add "Testing ORM entity lifecycle callbacks" note to Testing chapter

1d302bf Introduce tests for gh-28228

4b150fd Update copyright date in reference manual

3a6016d Merge pull request #28238 from izeye

135506f Update copyright year of EvaluationTests

cb36ca3 Upgrade to ASM master

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies java
opened by dependabot[bot] 1
Bump spring-beans from 5.0.7.RELEASE to 5.3.18
Bumps spring-beans from 5.0.7.RELEASE to 5.3.18.

Release notes

Sourced from spring-beans's releases.

v5.3.18

:star: New Features

Restrict access to property paths on Class references #28261

Introduce cancel(boolean mayInterruptIfRunning) in ScheduledTask #28233

:lady_beetle: Bug Fixes

Move off deprecated API in SessionTransactionData #28234

:notebook_with_decorative_cover: Documentation

Introduce warnings in documentation of SerializationUtils #28246

Update copyright date in reference manual #28237

@Transactional test does not execute all JPA lifecycle callback methods #28228

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

@izeye

@quaff

v5.3.17

:star: New Features

Using DataClassRowMapper causes "No property found for column" debug messages in logs #28179

Improve diagnostics in SpEL for large array creation #28145

Support custom HTTP status in client-side REST testing support #28105

AsyncRestTemplate logging too verbose #28049

:lady_beetle: Bug Fixes

java.lang.NoClassDefFoundError: org/springframework/cglib/beans/BeanMapEmitter #28110

CronExpression fails to calculate properly next execution when running on the day of winter daylight saving time #28095

Private init/destroy method may be invoked twice #28083

MappingJacksonValue and Jackson2CodecSupport#registerObjectMappersForType do not work together #28045

SpEL fails to recover from error during MIXED mode compilation #28043

When returning a ResponseEntity with a Flux while the function is suspended, it fails to encode the body #27809

:notebook_with_decorative_cover: Documentation

Improve documentation for @EnabledIf and @DisabledIf test support #28157

Links to Spring Security are broken in the reference guide #28135

Document that transaction rollback rules may result in unintentional matches #28125

Improve documentation for TestContext events #27757

Clarify behavior for generics support in BeanUtils.copyProperties #27259

:hammer: Dependency Upgrades

... (truncated)

Commits

707a24c Release v5.3.18

002546b Refine PropertyDescriptor filtering

1627f57 Disable flaky integration tests for now

3811cd4 Introduce warnings in documentation of SerializationUtils

d927e37 Add "Testing ORM entity lifecycle callbacks" note to Testing chapter

1d302bf Introduce tests for gh-28228

4b150fd Update copyright date in reference manual

3a6016d Merge pull request #28238 from izeye

135506f Update copyright year of EvaluationTests

cb36ca3 Upgrade to ASM master

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies java
opened by dependabot[bot] 1
Bump dubbo from 2.6.5 to 2.6.9 in /raincat-sample/raincat-dubbo-sample
Bumps dubbo from 2.6.5 to 2.6.9.

Release notes

Sourced from dubbo's releases.

dubbo-2.6.9

Support hessian 3.2.8/3.2.9 whitelist and blacklist

Upgrade Fastjson dependency to 1.2.70

Enhanced consumer side thread pool strategy

apache-dubbo-2.6.8

Please upgrade to the latest version to avoid potential security issues.

Vulnerability

CVE-2019-17564, Apache Dubbo deserialization vulnerability.

apache-dubbo-2.6.7

2.6.7

Enhancement / New feature：

Multicast ipv6 support #3430

Add Annotation-Driven for MethodConfig and ArgumentConfig #2298

@Method default value will be set to the field of MethodConfig #3642

ignore unrecognized dubbo versions. #4486

Bugfixes:

@Reference field can't refer its' @Service Bean in same JVM from v2.6.6 #3695

Nacos Dubbo Registry can't sense the change of service instances #4348

Dubbo throws IoException with error message while decoding fail #4396

详情

[功能] 广播注册中心支持 IP V6

[功能] 为注解驱动添加 MethodConfig 以及 ArgumentConfig 支持 #2298

[功能] 添加 @Method 注解属性的默认值 #3642

[提升] 忽略无法识别的 Dubbo 版本，提升 Dubbo 应用的健壮性 #4486

[问题修复] @Reference 无法引用本地 @Service Bean #3695

[问题修复] Dubbo Nacos 注册中心无法感知应用实例的变化 #4348

[问题修复] 当 decoding 错误时，修正 IOException 错误信息 #4396

apache-dubbo-2.6.6

Enhancement / New feature：

tag route. #3065

Use Netty4 as default Netty version. #3029

upporting Java 8 Date/Time type when serializing with Kryo #3519

supoort config telnet #3511

add annotation driven in MethodConfig and ArgumentConfig #2603

add nacos-registry module #3296

add protocol attribute in @Rerefence #3555

support the hierarchical interface in @Service #3251

change the default behavior in @EnableDubboConfig.multiple() #3193

inline source code of spring-context-support #3192

... (truncated)

Changelog

Sourced from dubbo's changelog.

Release Notes

Please refer to https://github.com/apache/dubbo/releases for notes of future releases.

2.7.6

Features

Support Service Authentication apache/dubbo#5461

Enhancement

Removing the internal JDK API from FileSystemDynamicConfiguration

Refactor the APT test-cases implementation of dubbo-metadata-processor in Java 9+

Remove feature envy

JsonRpcProtocol support Generalization

Reduce object allocation for ProtocolUtils.serviceKey

Reduce object allocation for ContextFilter.invoke

Bugfixes

Fixed bugs reported from 2.7.5 or lower versions, check 2.7.6 milestone for details.

Compatibility

Filter refactor, the callback method onResponse annotated as @Deprecated has been removed, users of lower versions that have extended Filter implementations and enabled Filter callbacks should be careful of this change.

RpcContext added some experimental APIs to support generic Object transmission.

2.7.5

Features

Support HTTP/2 through gRPC, offers all features supported by HTTP/2 and gRPC

Stream communication: client stream, server stream and bi-stream.

Reactive stream style RPC call.

Back pressure based on HTTP/2 flow-control mechanism.

TLS secure transport layer.

Define service using IDL

Protobuf support for native Dubbo

Define service using IDL

Protobuf serialization

TLS for netty4 server

New SPI for dynamically adding extra parameters into provider URL, especially env parameters.

[BETA] Brand new Service Discovery mechanism: Service Reflection - instance (application) level service discovery.

[BETA] Brand new API for bootstraping Dubbo projects

Performance Tuning

Overall performance improved by nearly 30% compared to v2.7.3 (by QPS in certain circumstances)

Improved consumer side thread model to avoid thread allocation and context switch, especially useful for services serving big traffic.

Enhancement

Load balance strategy among multiple registries:

Preferred

Same zone first

... (truncated)

Commits

d895bf1 prepare for 2.6.9 release

5e2c07c Hessian whitelist2 (#6486)

4a8abfd hessian whitelist (#6388)

a9f0762 fix #6369, Consumer cant set correct retries via generic invocation (#6370)

59320a9 upgrade fastjson to 1.2.70 (#6255)

280d54c fix override when interfaces is not null(#5860)

e778d5a upgrade fastjson to 1.2.67 (#5915)

585bb11 add new thread pool strategy for Consumer, allow all service calls to share t...

bada690 ignore empty blacklist pattern

5a6a069 copyright 2018-2020

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies java
opened by dependabot[bot] 1
Bump dubbo from 2.6.2 to 2.6.9
Bumps dubbo from 2.6.2 to 2.6.9.

Release notes

Sourced from dubbo's releases.

dubbo-2.6.9

Support hessian 3.2.8/3.2.9 whitelist and blacklist

Upgrade Fastjson dependency to 1.2.70

Enhanced consumer side thread pool strategy

apache-dubbo-2.6.8

Please upgrade to the latest version to avoid potential security issues.

Vulnerability

CVE-2019-17564, Apache Dubbo deserialization vulnerability.

apache-dubbo-2.6.7

2.6.7

Enhancement / New feature：

Multicast ipv6 support #3430

Add Annotation-Driven for MethodConfig and ArgumentConfig #2298

@Method default value will be set to the field of MethodConfig #3642

ignore unrecognized dubbo versions. #4486

Bugfixes:

@Reference field can't refer its' @Service Bean in same JVM from v2.6.6 #3695

Nacos Dubbo Registry can't sense the change of service instances #4348

Dubbo throws IoException with error message while decoding fail #4396

详情

[功能] 广播注册中心支持 IP V6

[功能] 为注解驱动添加 MethodConfig 以及 ArgumentConfig 支持 #2298

[功能] 添加 @Method 注解属性的默认值 #3642

[提升] 忽略无法识别的 Dubbo 版本，提升 Dubbo 应用的健壮性 #4486

[问题修复] @Reference 无法引用本地 @Service Bean #3695

[问题修复] Dubbo Nacos 注册中心无法感知应用实例的变化 #4348

[问题修复] 当 decoding 错误时，修正 IOException 错误信息 #4396

apache-dubbo-2.6.6

Enhancement / New feature：

tag route. #3065

Use Netty4 as default Netty version. #3029

upporting Java 8 Date/Time type when serializing with Kryo #3519

supoort config telnet #3511

add annotation driven in MethodConfig and ArgumentConfig #2603

add nacos-registry module #3296

add protocol attribute in @Rerefence #3555

support the hierarchical interface in @Service #3251

change the default behavior in @EnableDubboConfig.multiple() #3193

inline source code of spring-context-support #3192

... (truncated)

Changelog

Sourced from dubbo's changelog.

Release Notes

Please refer to https://github.com/apache/dubbo/releases for notes of future releases.

2.7.6

Features

Support Service Authentication apache/dubbo#5461

Enhancement

Removing the internal JDK API from FileSystemDynamicConfiguration

Refactor the APT test-cases implementation of dubbo-metadata-processor in Java 9+

Remove feature envy

JsonRpcProtocol support Generalization

Reduce object allocation for ProtocolUtils.serviceKey

Reduce object allocation for ContextFilter.invoke

Bugfixes

Fixed bugs reported from 2.7.5 or lower versions, check 2.7.6 milestone for details.

Compatibility

Filter refactor, the callback method onResponse annotated as @Deprecated has been removed, users of lower versions that have extended Filter implementations and enabled Filter callbacks should be careful of this change.

RpcContext added some experimental APIs to support generic Object transmission.

2.7.5

Features

Support HTTP/2 through gRPC, offers all features supported by HTTP/2 and gRPC

Stream communication: client stream, server stream and bi-stream.

Reactive stream style RPC call.

Back pressure based on HTTP/2 flow-control mechanism.

TLS secure transport layer.

Define service using IDL

Protobuf support for native Dubbo

Define service using IDL

Protobuf serialization

TLS for netty4 server

New SPI for dynamically adding extra parameters into provider URL, especially env parameters.

[BETA] Brand new Service Discovery mechanism: Service Reflection - instance (application) level service discovery.

[BETA] Brand new API for bootstraping Dubbo projects

Performance Tuning

Overall performance improved by nearly 30% compared to v2.7.3 (by QPS in certain circumstances)

Improved consumer side thread model to avoid thread allocation and context switch, especially useful for services serving big traffic.

Enhancement

Load balance strategy among multiple registries:

Preferred

Same zone first

... (truncated)

Commits

d895bf1 prepare for 2.6.9 release

5e2c07c Hessian whitelist2 (#6486)

4a8abfd hessian whitelist (#6388)

a9f0762 fix #6369, Consumer cant set correct retries via generic invocation (#6370)

59320a9 upgrade fastjson to 1.2.70 (#6255)

280d54c fix override when interfaces is not null(#5860)

e778d5a upgrade fastjson to 1.2.67 (#5915)

585bb11 add new thread pool strategy for Consumer, allow all service calls to share t...

bada690 ignore empty blacklist pattern

5a6a069 copyright 2018-2020

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies java
opened by dependabot[bot] 1
Bump mysql-connector-java from 5.1.40 to 8.0.16
Bumps mysql-connector-java from 5.1.40 to 8.0.16.

Changelog

Sourced from mysql-connector-java's changelog.

Changelog

https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/

Version 8.0.20

Fix for Bug#30805426, IN CASE OF ISAUTHMETHODSWITCHREQUESTPACKET , TOSERVERS > 1 ARE IGNORED.

Fix for Bug#97714 (30570249), Contribution: Expose elapsed time for query interceptor to avoid hacky thread local implementations. Thanks to Matti Sillanpää and Johnathan Crawford for their contribution.

Fix for Bug#97724 (30570721), Contribution: Allow '3.' formatted numbers. Thanks to Nick Pollett for his contribution.

Fix for Bug#98536 (30877755), SIMPLEDATEFORMAT COULD CACHE A WRONG CALENDAR.

Fix for Bug#91112 (28125069), AGAIN WRONG JAVA.SQL.DATE.

Fix for Bug#30474158, CONNECTOR/J 8 DOES NOT HONOR THE REQUESTED RESULTSETTYPE SCROLL_INSENSITIVE ETC.

Fix for Bug#98445 (30832513), Connection option clientInfoProvider=ClientInfoProviderSP causes NPE.

WL#12248, DevAPI: Connection compression.

Fix for Bug#30636056, ResultSetUtil.resultSetToMap() can be unsafe to use.

Fix for Bug#97757 (30584907), NULLPOINTEREXCEPTION WITH CACHERESULTSETMETADATA=TRUE AND EXECUTEQUERY OF "SET".

Version 8.0.19

WL#13346, Support for mult-host and failover.

Fix for Bug#97413 (30477722), DATABASEMETADATA IS BROKEN AFTER SERVER WL#13528.

WL#13367, DNS SRV support.

WL#12736, DevAPI: Specify TLS ciphers to be used by a client or session.

Fix for regression tests broken by Bug#97079 fix.

Fix for Bug#96383 (30119545) RS.GETTIMESTAMP() HAS DIFFERENT RESULTS FOR TIME FIELDS WITH USECURSORFETCH=TRUE.

Fix for Bug#96059 (29999318), ERROR STREAMING MULTI RESULTSETS WITH MYSQL-CONNECTOR-JAVA 8.0.X.

Fix for Bug#96442 (30151808), INCORRECT DATE ERROR WHEN CALLING GETMETADATA ON PREPARED STATEMENT.

Version 8.0.18

WL#13347, Connectors should handle expired password sandbox without SET operations.

Fix for Bug#84098 (25223123), endless loop in LoadBalancedAutoCommitInterceptor.

Commits

34cbc6b License book updated.

793bd55 Minor fix for tests failing with URL without parameters.

58600cc WL#12825, Remove third-party libraries from sources and bundles.

5aa15d5 Fix for Bug#93590 (29054329), javax.net.ssl.SSLException: closing inbound bef...

1fecc2b Fix for Bug#94414 (29384853), Connector/J RPM package have version number in ...

f5d24e3 Fix for Bug#27786499, REDUNDANT FILES IN DEBIAN PACKAGE FOR DEBIAN9(COMMUNITY...

c49db58 WL#12246, DevAPI: Prepared statement support.

a5c3d29 Added definition file for msi building tools.

13045c2 WL#10839, Adjust c/J tests to the new "ON" default for

2e350a5 Fix for Bug#29329326, PLEASE AVOID SHOW PROCESSLIST IF POSSIBLE.

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies java
opened by dependabot[bot] 1
Bump mysql-connector-java from 5.1.38 to 8.0.16 in /raincat-sample/raincat-springcloud-sample/raincat-springcloud-sample-pay
Bumps mysql-connector-java from 5.1.38 to 8.0.16.

Changelog

Sourced from mysql-connector-java's changelog.

Changelog

https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/

Version 8.0.20

Fix for Bug#30805426, IN CASE OF ISAUTHMETHODSWITCHREQUESTPACKET , TOSERVERS > 1 ARE IGNORED.

Fix for Bug#97714 (30570249), Contribution: Expose elapsed time for query interceptor to avoid hacky thread local implementations. Thanks to Matti Sillanpää and Johnathan Crawford for their contribution.

Fix for Bug#97724 (30570721), Contribution: Allow '3.' formatted numbers. Thanks to Nick Pollett for his contribution.

Fix for Bug#98536 (30877755), SIMPLEDATEFORMAT COULD CACHE A WRONG CALENDAR.

Fix for Bug#91112 (28125069), AGAIN WRONG JAVA.SQL.DATE.

Fix for Bug#30474158, CONNECTOR/J 8 DOES NOT HONOR THE REQUESTED RESULTSETTYPE SCROLL_INSENSITIVE ETC.

Fix for Bug#98445 (30832513), Connection option clientInfoProvider=ClientInfoProviderSP causes NPE.

WL#12248, DevAPI: Connection compression.

Fix for Bug#30636056, ResultSetUtil.resultSetToMap() can be unsafe to use.

Fix for Bug#97757 (30584907), NULLPOINTEREXCEPTION WITH CACHERESULTSETMETADATA=TRUE AND EXECUTEQUERY OF "SET".

Version 8.0.19

WL#13346, Support for mult-host and failover.

Fix for Bug#97413 (30477722), DATABASEMETADATA IS BROKEN AFTER SERVER WL#13528.

WL#13367, DNS SRV support.

WL#12736, DevAPI: Specify TLS ciphers to be used by a client or session.

Fix for regression tests broken by Bug#97079 fix.

Fix for Bug#96383 (30119545) RS.GETTIMESTAMP() HAS DIFFERENT RESULTS FOR TIME FIELDS WITH USECURSORFETCH=TRUE.

Fix for Bug#96059 (29999318), ERROR STREAMING MULTI RESULTSETS WITH MYSQL-CONNECTOR-JAVA 8.0.X.

Fix for Bug#96442 (30151808), INCORRECT DATE ERROR WHEN CALLING GETMETADATA ON PREPARED STATEMENT.

Version 8.0.18

WL#13347, Connectors should handle expired password sandbox without SET operations.

Fix for Bug#84098 (25223123), endless loop in LoadBalancedAutoCommitInterceptor.

Commits

34cbc6b License book updated.

793bd55 Minor fix for tests failing with URL without parameters.

58600cc WL#12825, Remove third-party libraries from sources and bundles.

5aa15d5 Fix for Bug#93590 (29054329), javax.net.ssl.SSLException: closing inbound bef...

1fecc2b Fix for Bug#94414 (29384853), Connector/J RPM package have version number in ...

f5d24e3 Fix for Bug#27786499, REDUNDANT FILES IN DEBIAN PACKAGE FOR DEBIAN9(COMMUNITY...

c49db58 WL#12246, DevAPI: Prepared statement support.

a5c3d29 Added definition file for msi building tools.

13045c2 WL#10839, Adjust c/J tests to the new "ON" default for

2e350a5 Fix for Bug#29329326, PLEASE AVOID SHOW PROCESSLIST IF POSSIBLE.

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies java
opened by dependabot[bot] 1
Bump spring-web from 5.2.21.RELEASE to 6.0.0
Bumps spring-web from 5.2.21.RELEASE to 6.0.0.

Release notes

Sourced from spring-web's releases.

v6.0.0

See What's New in Spring Framework 6.x and Upgrading to Spring Framework 6.x for upgrade instructions and details of new features.

:star: New Features

Avoid direct URL construction and URL equality checks #29486

Simplify creating RFC 7807 responses from functional endpoints #29462

Allow test classes to provide runtime hints via declarative mechanisms #29455

:notebook_with_decorative_cover: Documentation

Align javadoc of DefaultParameterNameDiscoverer with its behavior #29494

Document AOT support in the TestContext framework #29482

Document Ahead of Time processing in the reference guide #29350

:hammer: Dependency Upgrades

Upgrade to Reactor 2022.0.0 #29465

:heart: Contributors

Thank you to all the contributors who worked on this release:

@ophiuhus and @wilkinsona

v6.0.0-RC4

:star: New Features

Introduce DataFieldMaxValueIncrementer for SQL Server sequences #29447

Introduce findAllAnnotationsOnBean variant on ListableBeanFactory #29446

Introduce support for Jakarta WebSocket 2.1 #29436

Allow @ControllerAdvice in WebFlux to handle exceptions before a handler is selected #22991

:lady_beetle: Bug Fixes

Bean with unresolved generics do not use fallback algorithms with AOT #29454

TomcatRequestUpgradeStrategy is not compatible with Tomcat 10.1 #29434

Autowiring of a generic type produced by a factory bean fails after AOT processing #29385

:notebook_with_decorative_cover: Documentation

Reference PDF containing full docs not available #28451

:hammer: Dependency Upgrades

Revisit Servlet API baseline: Servlet 6.0 in the build, Servlet 5.0 compatibility at runtime #29435

Upgrade to Context Propagation 1.0.0 #29442

Upgrade to Jackson 2.14.0 #29351

Upgrade to Micrometer 1.10.0 #29441

... (truncated)

Commits

5a30a43 Release v6.0.0

42856ba Add milestone repo for optional Netty 5 support

9be6cea Polishing deprecated methods

37b4391 Align javadoc of DefaultParameterNameDiscoverer with its behavior

09a58a5 Polish

10f4ad1 Assert fixed in DefaultErrorResponseBuilder

9457ed3 Document AOT support in the TestContext framework

074ec97 Fix section formatting in the testing chapter

9ede4af Revert "Ignore HttpComponents Javadoc"

bfc1251 Merge branch '5.3.x'

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies java
opened by dependabot[bot] 0
Bump express from 4.16.2 to 4.18.2 in /raincat-dashboard
Bumps express from 4.16.2 to 4.18.2.

Release notes

Sourced from express's releases.

4.18.2

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1

Fix hanging on large stack of sync routes

4.18.0

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

Fix emitted 416 error missing headers property

Limit the headers removed for 304 response

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

... (truncated)

Changelog

Sourced from express's changelog.

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1 / 2022-04-29

Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

... (truncated)

Commits

8368dc1 4.18.2

61f4049 docs: replace Freenode with Libera Chat

bb7907b build: [email protected]

f56ce73 build: [email protected]

24b3dc5 deps: [email protected]

689d175 deps: [email protected]

340be0f build: [email protected]

33e8dc3 docs: use Node.js name style

644f646 build: [email protected]

ecd7572 build: [email protected]

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 0
Bump qs and express in /raincat-dashboard
Bumps qs and express. These dependencies needed to be updated together. Updates qs from 6.4.0 to 6.4.1

Changelog

Sourced from qs's changelog.

6.4.1

[Fix] parse: ignore __proto__ keys (#428)

[Fix] fix for an impossible situation: when the formatter is called with a non-string value

[Fix] use safer-buffer instead of Buffer constructor

[Fix] utils.merge: avoid a crash with a null target and an array source

[Fix] utils.merge`: avoid a crash with a null target and a truthy non-array source

[Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)

[Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided

[Fix] when parseArrays is false, properly handle keys ending in []

[Robustness] stringify: avoid relying on a global undefined (#427)

[Refactor] use cached Array.isArray

[Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)

[readme] remove travis badge; add github actions/codecov badges; update URLs

[Docs] Clarify the need for "arrayLimit" option

[meta] fix README.md (#399)

[meta] Clean up license text so it’s properly detected as BSD-3-Clause

[meta] add FUNDING.yml

[actions] backport actions from main

[Tests] remove nonexistent tape option

[Dev Deps] backport from main

Commits

486aa46 v6.4.1

727ef5d [Fix] parse: ignore __proto__ keys (#428)

cd1874e [Robustness] stringify: avoid relying on a global undefined (#427)

45e987c [readme] remove travis badge; add github actions/codecov badges; update URLs

90a3bce [meta] fix README.md (#399)

9566d25 [Fix] fix for an impossible situation: when the formatter is called with a no...

74227ef Clean up license text so it’s properly detected as BSD-3-Clause

35dfb22 [actions] backport actions from main

7d4670f [Dev Deps] backport from main

0485440 [Fix] use safer-buffer instead of Buffer constructor

Additional commits viewable in compare view

Updates express from 4.16.2 to 4.18.2

Release notes

Sourced from express's releases.

4.18.2

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1

Fix hanging on large stack of sync routes

4.18.0

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

Fix emitted 416 error missing headers property

Limit the headers removed for 304 response

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

... (truncated)

Changelog

Sourced from express's changelog.

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1 / 2022-04-29

Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

... (truncated)

Commits

8368dc1 4.18.2

61f4049 docs: replace Freenode with Libera Chat

bb7907b build: [email protected]

f56ce73 build: [email protected]

24b3dc5 deps: [email protected]

689d175 deps: [email protected]

340be0f build: [email protected]

33e8dc3 docs: use Node.js name style

644f646 build: [email protected]

ecd7572 build: [email protected]

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 0
Bump loader-utils and html-webpack-plugin in /raincat-dashboard
Bumps loader-utils to 1.4.2 and updates ancestor dependency html-webpack-plugin. These dependencies need to be updated together.

Updates loader-utils from 1.1.0 to 1.4.2

Release notes

Sourced from loader-utils's releases.

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

ReDoS problem (#226) (17cbf8f)

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

v1.4.0

1.4.0 (2020-02-19)

Features

the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

v1.3.0

1.3.0 (2020-02-19)

Features

support the [query] template for the interpolatedName method (#162) (469eeba)

v1.2.3

1.2.3 (2018-12-27)

Bug Fixes

interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

v1.2.2

1.2.2 (2018-12-27)

Bug Fixes

... (truncated)

Changelog

Sourced from loader-utils's changelog.

1.4.2 (2022-11-11)

Bug Fixes

ReDoS problem (#226) (17cbf8f)

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

1.4.0 (2020-02-19)

Features

the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

1.3.0 (2020-02-19)

Features

support the [query] template for the interpolatedName method (#162) (469eeba)

1.2.3 (2018-12-27)

Bug Fixes

interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

1.2.2 (2018-12-27)

Bug Fixes

... (truncated)

Commits

331ad50 chore(release): 1.4.2

17cbf8f fix: ReDoS problem (#226)

8f082b3 chore(release): 1.4.1

4504e34 fix: security problem (#220)

d95b8b5 chore(release): 1.4.0

cd0e428 feat: the resourceQuery is passed to the interpolateName method (#163)

06d36cf chore(release): 1.3.0

469eeba feat: support the [query] template for the interpolatedName method (#162)

909c99d chore: funding.yml config and CI fix (#159)

b5b74f0 Set up CI with Azure Pipelines

Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for loader-utils since your current version.

Updates html-webpack-plugin from 2.30.1 to 5.5.0

Changelog

Sourced from html-webpack-plugin's changelog.

5.5.0 (2021-10-25)

Features

Support type=module via scriptLoading option (1e42625), closes #1663

5.4.0 (2021-10-15)

Features

update terser (9c7fba0

5.3.2 (2021-06-22)

Bug Fixes

update lodash and pretty error (9c7fba0

5.3.1 (2021-03-09)

Bug Fixes

remove loader-utils from plugin core (82d0ee8)

5.3.0 (2021-03-07)

Features

allow to modify the interpolation options in webpack config (d654f5b)

drop loader-utils dependency (41d7a50)

5.2.0 (2021-02-19)

Features

improve ssr (73d2a66)

5.1.0 (2021-02-12)

Features

omit html tag attribute with null/undefined/false value (aa6e78d), closes #1598

5.0.0 (2021-02-03)

... (truncated)

Commits

873d75b chore(release): 5.5.0

ddeb774 chore: update examples

1e42625 feat: Support type=module via scriptLoading option

7d3645b Bump pretty-error to 4.0.0 to fix transitive vuln for ansi-regex CVE-2021-3807

79be779 [chore] changes actions to run on pull_requests

b7e5859 [chore] fixes CI to avoid race conditions

48131d3 chore(release): 5.4.0

16a841a [chore] rebuild examples

3bb7c17 Update index.js

e38ac97 Update index.js

Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jantimon, a new releaser for html-webpack-plugin since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 0
fix(sec): upgrade io.springfox:springfox-swagger-ui to 2.10.0
What happened？

There are 1 security vulnerabilities found in io.springfox:springfox-swagger-ui 2.6.1

CVE-2019-17495

What did I do？

Upgrade io.springfox:springfox-swagger-ui from 2.6.1 to 2.10.0 for vulnerability fix

What did you expect to happen？

Ideally, no insecure libs should be used.

The specification of the pull request

PR Specification from OSCS
opened by Super-Sky 0
Bump css-what from 2.1.0 to 6.1.0 in /raincat-dashboard
Bumps css-what from 2.1.0 to 6.1.0.

Release notes

Sourced from css-what's releases.

v6.1.0

feat: Support pseudo elements with data (#762) 3be227a

https://github.com/fb55/css-what/compare/v6.0.1...v6.1.0

v6.0.1

Fix parsing column combinators after tag names 503570e

https://github.com/fb55/css-what/compare/v6.0.0...v6.0.1

v6.0.0

Breaking Changes

Added ES6 module export (by @spocke, fb55/css-what#680)

CommonJS is still provided for earlier NodeJS versions, but this change might cause issues with your build system. If they aren't trivially resolved, please open an issue!

Removed all options 5cad07b

BREAKING: Added a new value for ignoreCase: 'quirks' should ignore the case only in quirks mode.

BREAKING: Tags and attributes aren't lowercased anymore

Made selector types & actions enums 65121fe

Set empty namespace to null in attributes de367ca

Simplify stringify output 8a29466 b3e5e59

Features

Support parsing column combinators 8030f67

Fixes

Strip leading whitespace encapsulated in comments a812a1c

This used to be a way to sneak in descendant operators in front of selectors.

Refactors

Switched parsing to numbers 65121fe

Restructured the parser to a big switch statement 7b6cc76

Other

Adopted CSS Selector parsing tests from WPT 1881bba

Updated README to reflect changes b165a8d

New Contributors

@spocke made their first contribution in fb55/css-what#680

Full Changelog: https://github.com/fb55/css-what/compare/v5.1.0...v6.0.0

v5.1.0

What's Changed

Add 'where' pseudo selector by @jannispl in fb55/css-what#620

Full Changelog: https://github.com/fb55/css-what/compare/v5.0.1...v5.1.0

v5.0.1

Fixes:

... (truncated)

Commits

ee41dda 6.1.0

3be227a feat: Support pseudo elements with data (#762)

13ffc5b build(deps-dev): bump @typescript-eslint/parser from 5.16.0 to 5.17.0 (#760)

7d0cc2f build(deps-dev): bump @typescript-eslint/eslint-plugin (#759)

389d1b3 build(deps-dev): bump eslint from 8.11.0 to 8.12.0 (#758)

afd14e7 build(deps-dev): bump prettier from 2.6.0 to 2.6.1 (#757)

a1542de build(deps-dev): bump typescript from 4.6.2 to 4.6.3 (#756)

41d9752 build(deps-dev): bump ts-jest from 27.1.3 to 27.1.4 (#755)

fed0407 build(deps): bump minimist from 1.2.5 to 1.2.6 (#754)

96a2408 build(deps-dev): bump @types/node from 17.0.22 to 17.0.23 (#753)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 0