Sourced from mysql-connector-java's changelog.

Changelog

https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/

Version 8.0.20

• Fix for Bug#30805426, IN CASE OF ISAUTHMETHODSWITCHREQUESTPACKET , TOSERVERS > 1 ARE IGNORED.

• Fix for Bug#97714 (30570249), Contribution: Expose elapsed time for query interceptor to avoid hacky thread local implementations. Thanks to Matti Sillanpää and Johnathan Crawford for their contribution.

• Fix for Bug#97724 (30570721), Contribution: Allow '3.' formatted numbers. Thanks to Nick Pollett for his contribution.

• Fix for Bug#98536 (30877755), SIMPLEDATEFORMAT COULD CACHE A WRONG CALENDAR.

• Fix for Bug#91112 (28125069), AGAIN WRONG JAVA.SQL.DATE.

• Fix for Bug#30474158, CONNECTOR/J 8 DOES NOT HONOR THE REQUESTED RESULTSETTYPE SCROLL_INSENSITIVE ETC.

• Fix for Bug#98445 (30832513), Connection option clientInfoProvider=ClientInfoProviderSP causes NPE.

• WL#12248, DevAPI: Connection compression.

• Fix for Bug#30636056, ResultSetUtil.resultSetToMap() can be unsafe to use.

• Fix for Bug#97757 (30584907), NULLPOINTEREXCEPTION WITH CACHERESULTSETMETADATA=TRUE AND EXECUTEQUERY OF "SET".

Version 8.0.19

• WL#13346, Support for mult-host and failover.

• Fix for Bug#97413 (30477722), DATABASEMETADATA IS BROKEN AFTER SERVER WL#13528.

• WL#13367, DNS SRV support.

• WL#12736, DevAPI: Specify TLS ciphers to be used by a client or session.

• Fix for regression tests broken by Bug#97079 fix.

• Fix for Bug#96383 (30119545) RS.GETTIMESTAMP() HAS DIFFERENT RESULTS FOR TIME FIELDS WITH USECURSORFETCH=TRUE.

• Fix for Bug#96059 (29999318), ERROR STREAMING MULTI RESULTSETS WITH MYSQL-CONNECTOR-JAVA 8.0.X.

• Fix for Bug#96442 (30151808), INCORRECT DATE ERROR WHEN CALLING GETMETADATA ON PREPARED STATEMENT.

Version 8.0.18

• WL#13347, Connectors should handle expired password sandbox without SET operations.

• Fix for Bug#84098 (25223123), endless loop in LoadBalancedAutoCommitInterceptor.

• 34cbc6b License book updated.
• 793bd55 Minor fix for tests failing with URL without parameters.
• 58600cc WL#12825, Remove third-party libraries from sources and bundles.
• 5aa15d5 Fix for Bug#93590 (29054329), javax.net.ssl.SSLException: closing inbound bef...
• 1fecc2b Fix for Bug#94414 (29384853), Connector/J RPM package have version number in ...
• f5d24e3 Fix for Bug#27786499, REDUNDANT FILES IN DEBIAN PACKAGE FOR DEBIAN9(COMMUNITY...
• c49db58 WL#12246, DevAPI: Prepared statement support.
• a5c3d29 Added definition file for msi building tools.
• 13045c2 WL#10839, Adjust c/J tests to the new "ON" default for
• 2e350a5 Fix for Bug#29329326, PLEASE AVOID SHOW PROCESSLIST IF POSSIBLE.
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from mysql-connector-java's changelog.

Changelog

https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/

Version 8.0.29

• Fix for Bug#21978230, COMMENT PARSING NOT PROPER IN PREPSTMT.EXECUTEBATCH().

• Fix for Bug#81468 (23312764), MySQL server fails to rewrite batch insert when column name contains word select.

• Fix for Bug#106435 (33850099), 8.0.28 Connector/J has regressive in setAutoCommit after Bug#104067 (33054827).

• Fix for Bug#106240 (33781440), StringIndexOutOfBoundsException when VALUE is at the end of the query.

• Fix for Bug#106397 (33893591), Contribution: fix: fix LocalizedErrorMessages.properties doc: less then -> ... Thanks to Jianjian Song for his contribution.

• Fix for Bug#77924 (25710160), JDBC SOCKS SHOULD NOT PERFORM LOCAL DNS RESOLUTION.

• Fix for Bug#82084 (23743938), YEAR DATA TYPE RETURNS INCORRECT VALUE FOR JDBC GETCOLUMNTYPE().

• Fix for Bug#106441 (33850155), Add charset mapping for utf8mb3.

• WL#15048, Upgrade Protocol Buffers dependency to protobuf-java-3.19.4.

• Fix for Bug#106065 (33726184) Contribution: BigDecimal.toPlainString no need to check decimal exponent. Thanks to Baoyi Chen for his contribution.

• Fix for Bug#106171 (33757217), Contribution: Remove unnecessary boxing in ResultSetImpl. Thanks to Ningpp Ning for his contribution.

• Fix for Bug#25701740, STMT EXECUTION FAILS FOR REPLICATION CONNECTION WHEN USECURSORFETCH=TRUE.

• Fix for Bug#33723611, getDefaultTransactionIsolation must return repeatable read.

• Fix for Bug#38954 (11749415), DATA TRUNCATION WHILE USING BIT(1) IN STORED PROCEDURE WITH INOUT TYPE.

• Fix for Bug#85317 (25672958), EXECUTE BATCH WILL THROW NULL POINTER EXCEPTION WHERE THE COLUMN IS BLOB!

• Fix for Bug#105915 (33678490), Connector/J 8 server prepared statement precision loss in execute batch.

• Fix for Bug#104349 (33563548), com.mysql.cj NPE.

• Fix for Bug#62006 (16714956), JAVA.IO.NOTSERIALIZABLEEXCEPTION: JAVA.IO.STRINGREADER WHEN PROFILESQL=TRUE.

• WL#14750, Better unification of query bindings.

• WL#14834, Support for FIDO authentication.

• WL#14835, Align TLS option checking across connectors.

... (truncated)

• 7ff2161 Updating copyright years
• b13af38 Fix for DateTimeTest according to changes in MySQL server.
• 5c7b775 Update in test for Bug#96900 (30355150).
• e1169ee Fix for Bug#99260 (31189960), statement.setQueryTimeout,creates a database co...
• 05778ef Fix for Bug#103324 (32770013), X DevAPI Collection.replaceOne() missing match...
• 48219f2 Fix for Bug#105197 (33461744), Statement.executeQuery() may return non-naviga...
• 24cf7e2 Fix for Bug#105323 (33507321), README.md contains broken links.
• ad46620 Fix for Bug#96900 (30355150), STATEMENT.CANCEL()CREATE A DATABASE
• 4d19ea1 Fix for Bug#104067 (33054827), No reset autoCommit after unknown issue occurs.
• bc45d35 Fix for Bug#85223 (25656020), MYSQLSQLXML SETSTRING CRASH.
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from fastjson's releases.

FASTJSON 1.2.83版本发布（安全修复）

这是一个安全修复版本，修复最近收到在特定场景下可以绕过autoType关闭限制的漏洞，建议fastjson用户尽快采取安全措施保障系统安全。

安全修复方案 ：https://github.com/alibaba/fastjson/wiki/security_update_20220523

Issues

1. 安全加固
2. 修复JDK17下setAccessible报错的问题 #4077

• 下载 https://repo1.maven.org/maven2/com/alibaba/fastjson/1.2.83/
• 文档 https://github.com/alibaba/fastjson/wiki/%E5%B8%B8%E8%A7%81%E9%97%AE%E9%A2%98
• 源码 https://github.com/alibaba/fastjson/tree/1.2.83

fastjson 1.2.79版本发布，BUG修复

这又是一个bug fixed的版本，大家按需升级

Issues

1. 修复引入MethodInheritanceComparator导致某些场景序列化报错的问题
2. 增强JDK 9兼容
3. 修复JSONArray/JSONObject的equals方法在内部对象map/list相同时不直接返回true的问题

相关链接

• 下载 https://repo1.maven.org/maven2/com/alibaba/fastjson/1.2.79/
• 文档 https://github.com/alibaba/fastjson/wiki/%E5%B8%B8%E8%A7%81%E9%97%AE%E9%A2%98
• 源码 https://github.com/alibaba/fastjson/tree/1.2.79

fastjson 1.2.76版本发布，BUG修复增强兼容

这又是一个bug fixed的版本，大家按需升级

Issues

1. 修复一些直接抛RuntimeException的问题 #3631
2. parser自动识别gzip bytes #3614
3. 修复Throwable继承类属性不支持自动类型转换问题 #3217
4. 修复PrettyFormat情况下引用计算不对的问题 #3672
5. 修复AutoType不兼容LinkedHashMap的问题
6. 增强对Enum类型的自定类型转换
7. 修复deserializeUsing在泛型某些场景不能正常工作的问题 #3693
8. 提升JSONReader性能，减少小对象创建 #3627
9. 增强对JSONPath对filter的支持 #3629
10. JSONPath支持忽略NullValue的选项 #3607
11. 增强对定制化enum的支持 #3601
12. 增强对java.time.Instant和org.joda.time.Instant的支持 #3539
13. 修复Parser某些场景不能识别引用的问题

相关链接

• 下载 https://repo1.maven.org/maven2/com/alibaba/fastjson/1.2.76/
• 文档 https://github.com/alibaba/fastjson/wiki/%E5%B8%B8%E8%A7%81%E9%97%AE%E9%A2%98
• 源码 https://github.com/alibaba/fastjson/tree/1.2.76

fastjson 1.2.75版本发布，例行Bug修复

... (truncated)

• 26f13f8 1.2.83
• 8f3410f bug fix for autotype
• cd3c2de improved jdk8 java.time support
• c63866e remove unused import
• 35db4ad bug fix for autoType
• 3f009e1 Merge pull request #4085 from hengyunabc/fix_setAccessible
• dd3de5f fix InaccessibleObjectException in jdk17. #4077
• a234f9a Merge pull request #4084 from alibaba/revert-4078-master
• 0814909 Revert "fix InaccessibleObjectException in jdk17. #4077"
• ab82d0b Merge pull request #4078 from hengyunabc/master
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.