-
Notifications
You must be signed in to change notification settings - Fork 852
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add PasswordUtil for encrypting passwords client side #3082
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good overall. +1 for adding a method to PGConnection. I left comments inline.
Below are some some more ideas, hovewer, I am not sure about them.
I wonder if it makes sense to use builders to configure parameters instead of string/string overloads.
* | ||
* @param user The username of the database user | ||
* @param password The plain text of the user's password | ||
* @param encryptionType The encryption type for which to encode the user's |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Coulo you add the meaning of null
to the docs?
pgjdbc/src/test/java/org/postgresql/test/util/PasswordUtilTest.java
Outdated
Show resolved
Hide resolved
Assert.assertTrue("Query should have returned exactly one row but none was found: " + sql, rs.next()); | ||
String value = rs.getString(1); | ||
Assert.assertFalse("Query should have returned exactly one row but more than one found: " + sql, rs.next()); | ||
rs.close(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
try-with-resources?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes that's copy-pasta from it's sibling method without the arg.
|
So the reason the tests are failing is because you assume scram for anything above 10, however we have noscram tests for versions above 10. |
Good feedback. A lot of it aligns with things I was thinking about while working on this.
I considered that as well but scrapped it because the options would be different for If we go the options route, we'd need either a marker interface
The driver defaults could then just be some static value (i.e. scram with 4K iterations). And the server default could would be responsible for instantiating some variant of that. Thoughts? Any other ways to handle the divergent args? |
That's weird. One of the failing tests in the matrix is for running SCRAM on 8.4 but that shouldn't have executed. Maybe the skip annotations I added aren't being used correctly. Why wouldn't SCRAM work for >=10 (v.s. >10)? It added in that version. |
If you look at the docker scripts you can see that if scram is not specified then it creates a user using MD5. This is why in my tests I read pg_shadow for the user to determine the encryption to use. |
Why would that matter for any new user created in CI though? I thought the server's default is just the default if it interprets your password as plain text and you're asking it to handle the hashing. If it has the magic |
Before you create the user you need to set the encryption method on the connection |
Not according to the docs: https://www.postgresql.org/docs/current/sql-createrole.html
|
What I meant is you need to say |
You only need to do that if the password string is not already encoded. The server checks if it has the magic prefix and then uses it as is:
Note how |
hmmm... well that was the only way I could get the tests to pass. |
ah, I think the problem is that in the docker script we specify md5 or scram in pg_hba.conf. If we specified password instead that would work. |
Pushed a series of commits that address the feedback. If this looks good I'll rebase it to clean up the commits. Figure it's easier to review with the individual commits as each one addresses a specific piece of feedback. I didn't add the try-with-resources to the new @davecramer I had forgotten to include the Also, trying to fix the test for 8.4 lead me to realize that the
I think this is good to go. Let me know if any other thoughts and I'll rebase, run through CI, and merge. |
Actually hang on ... need to add one more to change the password arg to be a |
Pushed another commit that changes the API to use a |
*/ | ||
public static String encodeMd5(String user, char[] password) { | ||
byte[] userBytes = user.getBytes(StandardCharsets.UTF_8); | ||
String passwordText = String.valueOf(password); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
WDYT of Arrays.fill(password, ' ')
as soon as the password was consumed? (e.g. after conversion no string)
A slightly better approach would probably be CharBuffer.wrap(password)
, then encode it to byte array with Charset.encode, then zero out both arrays.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think it's the job of the encoder to wipe out the caller's data structures. The caller can choose to do that if necessary.
That would make more sense if the function signature was something like:
public static String encodeMd5(String user, Supplier<char[]> passwordSource) {
char[] password = passwordSource.get();
// do stuff
Arrays.fill(password, ' '); // clear password array
}
In that situation we "own" the array and it'd be our responsibility for clearing it.
I'm of two minds here ... partly think we should go that route as it's the most flexible. And partly think nobody is going to care about this and we should just make String encode(String user, String password)
overloads as that's what 99% of people are going to use.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are two points of using char[]
for passwords:
- The API that uses the password can erase the password shortly after use so it minimizes the time window when the password can be grabbed from the memory dump
- There are much fewer chances of logging the passwords as
char[].toString()
would not dump contents.
In this case, as soon as you compute MD5, you can erase the char[]
array so the password is not accidentally leaked.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know why it's being done. I'm the one that suggested it in Dave's original PR!
I'm saying the reality of how people program in Java lends itself to this being a moot point because the caller is going to have the password in a String and simply convert it to a char[] at the call site.
Regardless, destroying the contents of an argument (like we'd be doing here without changing the method signature) isn't the same as destroying the contents of the return value of a function (e.g. what AuthenticationPluginManager does).
In this specific case it'd be weird because it'd break the most common use case of this function:
char[] password = generateNewPassword();
conn.alterUserPassword(user, password);
saveNewPasswordSomewhere(password);
The user owns the char[] so the user is responsible for clearing it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If the user wants saving the password, they should clone the array
Couple more to address @vlsi last feedback. And one to refactor the way the connection tests throw errors to get the details in the logs. It doesn't change any of the output of the tests themselves but helped debug when things weren't working because the SCRAM library mandates >=4096 iterations: ongres/scram#20 (comment) |
Added the "on"/"off" tests and a note to CHANGELOG referencing the PR (kind of funny how you have to create the PR then push that after you know the PR number...). I'm happy with this and will rebase and merge this tomorrow. |
What do you think @vlsi ? |
* @param encryptionType The type of password encryption to use or null if the database server default should be used. | ||
* @throws SQLException If the password could not be altered | ||
*/ | ||
default void alterUserPassword(String user, Supplier<char[]> passwordSource, @Nullable String encryptionType) throws SQLException { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is the purpose of Supplier
in the signature?
I think a regular char[]
should be enough.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The rationale is that by providing a callback rather than a value, it's explicit that the ownership of the char[] object lies with the method and not the caller. This also matches how we provide passwords in the auth callbacks.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A simple use case would match the tests where a string is simply converted to a char[].
A more elaborate use case could have the callback itself read from a KMS. It's the ultimate in flexibility while ensuring the char[] never lingers.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You don't need to have supplier for that. Just document that in the javadoc: password will be erased after use
and that is it. Supplier makes it harder for the clients to pass the value.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If the caller is supplying a char[] then the caller owns that object and the caller must wipe it.
If we want to wipe it within the method, we need to own the char[] and the way to signify that is to have it's creation happen via the supplier. Plus we get the flexibility for the more elaborate use cases.
Plus it's actually easier with the supplier style as the only usage within the driver of the password is wrapped around the supplier which ensures that the raw char[] value never lingers.
If the method signature has the char[]
and overload A calls overload B (which is supposed to eventually wipe the password), how do you ensure the password was wiped and something else did not throw an exception before that step?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No. We declare in javadoc who owns the object and that is it.
how do you ensure the password was wiped and something else did not throw an exception before that step?
Wipe the password in finally
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's my point. You end up with the same code in every overload as otherwise you never know if a change to the overload impacts when exactly the password gets cleared.
Anyway, I'm not keen to change it. The callback method is the most versatile and covers all the more complex use cases I've described.
If we're deadlocked on this, then get someone else to agree to the change in the signature. Otherwise I'm done with this and plan to rebase and merge.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You end up with the same code in every overload
There are only a few methods dealing with passwords, and, yes, security code is not the most easy to implement correctly.
Neither https://docs.oracle.com/javase%2Ftutorial%2Fuiswing%2F%2F/components/passwordfield.html nor https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html suggest using Supplier
in the method parameters.
} | ||
|
||
@Test | ||
public void testServerDefault() throws SQLException { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Technically speaking, JUnit4 does not use test..
method naming. test...
method prefix comes from JUnit3 when @Test
annotation did not exist.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I still like it though as it makes the method name an imperative mood. Without the prefix we get public void serverDefault()
which sounds like it returns a value. Could be more clever and do something like "validateServerDefault" but meh...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
testServerDefault
does not explain what the test verifies though
I'm +1 to just using char[] in the signature and we zero it out. We are after all providing the user with a utility method to "take care of it for them" |
2d55e24
to
6474418
Compare
if (password == null) { | ||
throw new NullPointerException("password is null"); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Objects.
if (password == null) { | |
throw new NullPointerException("password is null"); | |
} | |
Objects.requireNonNull(password, "password"); |
String passwordText = String.valueOf(password); | ||
byte[] passwordBytes = passwordText.getBytes(StandardCharsets.UTF_8); | ||
final MessageDigest md = MessageDigest.getInstance("MD5"); | ||
|
||
md.update(passwordBytes); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
String passwordText = String.valueOf(password); | |
byte[] passwordBytes = passwordText.getBytes(StandardCharsets.UTF_8); | |
final MessageDigest md = MessageDigest.getInstance("MD5"); | |
md.update(passwordBytes); | |
byte[] passwordBytes = StandardCharsets.UTF_8.encode(CharBuffer.wrap(password)).array(); | |
try { | |
MessageDigest md = MessageDigest.getInstance("MD5"); | |
md.update(passwordBytes); | |
} finally { | |
Arrays.fill(passwordBytes, (byte) 0); | |
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nope that doesn't work. Was going nuts trying to figure out why as it broke a bunch of the md5 tests. Turns out the .array()
call returns the backing array of the ByteBuffer which is not necessarily the same size as the encoded password. In the tests it ends up being 38 bytes (extra zeros at the end) vs. 35 bytes and the extra zeros get included in the digest.
Going to try something similar to see if we can avoid the extra String in between. I think we can write the ByteBuffer directly to the MessageDigest then clear it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes the ByteBuffer worked when directly writing it to the MessageDigest. That way it's aware of the contents and not the entire backing array.
6474418
to
80820bc
Compare
Force pushed a commit that replaces the password callbacks with wiping the char[] in each method. Also adds to the tests to check that the char[] arrays have bene wiped. And a new test for a "bad encryption type" to ensure that even in that situation the password is wiped. |
…crypting passwords client side Add a PasswordUtil helper that provides methods for encoding a given password client side so that it may be used for ALTER USER and CREATE USER statement without sending the plaintext password over the wire. Also adds a helper to PGConnection that generates the ALTER USER command necessary to update a user's password and executes it. The helpers default to encoding the password using SCRAM-SHA-256 if used directly or using the server's default password_encryption setting if used via the PGConnection helper. Co-authored-by: Sehrope Sarkuni <sehrope@jackdb.com> Co-authored-by: Dave Cramer <davecramer@gmail.com>
e4cac3b
to
330ed0e
Compare
Rebased atop master, squashed down the intermediate commits, and updated the commit message to reflect the additional function in Once this runs through CI I'll merge it in. |
No clue why one of the test matrix entries never started and the other has been hanging for 1h30m. Going to try manually bouncing them. Probably some transient GitHub Actions issue. |
The ARM matrix is taking forever and my suspicion is that SecureRandom is trying to use /dev/random and the ARM runner does not have enough entropy. On modern kernels it shouldn't hang after boot but I bet it's an older one that still treats them separately. The entropy pool must be drained and it's hanging waiting for random network activity to the host to give it enough jitter to supply more bits. Looks like this is the first we're directly using that class in the project:
Should be able to force it to use /dev/urandom via: Going to see if I can figure out how to inject it just for that one build. I wonder if this caused less (but similar) slow down in other tests simply from the TLS stack pulling from the same source. |
Force use of /dev/urandom as the source of entropy for the internal state of the secure RNG by setting java.security.egd. This is needed to prevent a poorly configured runner from draining its entropy by using the default of /dev/random. This is not needed on modern kernels as they do not block after boot. However it may be required for older kernels that will otherwise refuse to return back random bits unless they think they have enough tracked entropy in /dev/random. Specifically, this corrects an issue with one of the hosted CI runners that was hanging fetching bytes from SecureRandom.
I pushed a fix for the RNG thing that applies the JVM flag to all environments generated by the matrix. I couldn't figure an easy way of only applying it to the ARM builds and it should be harmless elsewhere. With the fix it passed through CI and did execute on an ARM combo. Unfortunately due to the matrix randomization it's not exactly the same combination as before so I don't know 100% if the fix did anything (JDK 22 failed but JDK 8 succeeded). I'm going to merge this and we'll see if anything else comes up later. |
byte[] storedKey = ScramFunctions.storedKey(ScramMechanisms.SCRAM_SHA_256, clientKey); | ||
byte[] serverKey = ScramFunctions.serverKey(ScramMechanisms.SCRAM_SHA_256, saltedPassword); | ||
|
||
return "SCRAM-SHA-256" // |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why adding empty comments?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why show up with feedback on lines that have not changed since the PR was first opened after the PR is merged?
Are you just looking for something to nitpick?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You did not fix javadocs (see #3082 (comment)), and I thought it would be easier and faster to just wait for you to merge the PR and then fix the style issues
* Encode the given password using the driver's default encryption method. | ||
* | ||
* @param user The username of the database user | ||
* @param password The plain text of the user's password | ||
* @return The encoded password | ||
* @throws SQLException If an error occurs encoding the password | ||
*/ | ||
public static String encodePassword(String user, char[] password) throws SQLException { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks like the method is not reliable from the users' perspective.
What does driver's default
mean?
What if somebody uses the method, and then they upgrade the driver some time later. Is the driver allowed to change the default encoding method?
Apparently, for backward compatibility, we can't change the method. In that regard, encodePassword
duplicates encodeScramSha256
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks like the method is not reliable from the users' perspective. What does driver's default mean?
It means the driver encodes the password with whatever the latest version of password encoding the driver wants, using the defaults built into the driver.
What if somebody uses the method, and then they upgrade the driver some time later. Is the driver allowed to change the default encoding method?
Yes. That's exactly the point. So that code targeting that method uses the latest, most recommended method of encoding passwords without being connected to a specific server.
Apparently, for backward compatibility, we can't change the method. In that regard, encodePassword duplicates encodeScramSha256.
Compatibility with what? We haven't haven't released anything yet. Are you suggesting changing the signature?
It doesn't duplicate the SCRAM-SHA-256 function, it it delegates to it because that's the current driver default.
If in the future if the SCRAM-SHA-256 default is replaced with SCRAM-SHA-512 or something else entirely, we'd change that delegation.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If in the future if the SCRAM-SHA-256 default is replaced with SCRAM-SHA-512 or something else entirely, we'd change that delegation
If we ever make such a change, then we effectively break backward compatibility. That means we can't easily make such a change.
So, please suggest what is the use case for having "driver's default" encodePassword
method. Why add the method assuming there's not a single use case for it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we ever make such a change, then we effectively break backward compatibility. That means we can't easily make such a change.
We don't break anything because the definition of that method is encoding the password with whatever the driver considers to be the most secure and recommended approach. The user is delegating to this driver, as the de facto Java driver for PosgreSQL, to make a determination of how the user should be encoding passwords.
If a user wants to use a specific algo or parameters then there's other overloads to use instead.
So, please suggest what is the use case for having "driver's default" encodePassword method. Why add the method assuming there's not a single use case for it?
It's in the original PR description:
Splitting out the encoding allows the same functions to be used for CREATE USER ... (again without passing the credentials in plaintext).
A user can leverage that to generate their own SQL that involves encoding passwords.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we ever make such a change, then we effectively break backward compatibility. That means we can't easily make such a change.
We don't break anything because the definition of that method is encoding the password with whatever the driver considers to be the most secure and recommended approach. The user is delegating to this driver, as the de facto Java driver for PosgreSQL, to make a determination of how the user should be encoding passwords.
I think the issue is that if the server uses SCRAM-512 for the latest version and previous versions use SCRAM-256 using the latest driver would fail on older versions of the server.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you mean if the driver is bumped to SCRAM-512 and the server does not yet support it, then it would fail.
Yes, that's expected because the output of that method is not for a particular server. It's for generating literals for the encoded password using the latest recommended method per the driver. I'd see it being used by something that is generating it's own SQL, potentially for future execution out of band. The tie in to the driver is that the driver, as the de factor Java driver for PostgreSQL, is aware of the recommended password encoding.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you mean if the driver is bumped to SCRAM-512 and the server does not yet support it, then it would fail.
Yes, that's expected because the output of that method is not for a particular server. It's for generating literals for the encoded password using the latest recommended method per the driver. I'd see it being used by something that is generating it's own SQL, potentially for future execution out of band. The tie in to the driver is that the driver, as the de factor Java driver for PostgreSQL, is aware of the recommended password encoding.
No, what I mean is server version 17 comes out with SCRAM-512. The driver uses SCRAM-512 as the default
and now the default only works for server version 17.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't follow ... isn't that the same situation I described in my previous comment?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I suppose it is, but we can't break backward compatibility. If a user upgrades the driver their code should continue to work.
Generally if we do a major version upgrade we would mention that we have breaking changes but a breaking change to a default
seems wrong somehow
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess I don't see it as a break as the functional meaning of the method ("encode my password using the recommended...) has not changed. I see it like the following changing over server versions:
CREATE USER foo WITH PASSWORD 'abcd1234';
SELECT passwd FROM pg_shadow WHERE usename = 'foo'
It'd be md5 encoded in <=10 and some variant SCRAM after that. Though that's not as user facing so maybe not the best example.
The original goal was to have a method that users could rely on when making things like SQL script generating tooling that they know will always be the latest recommendation. That way when SCRAM-SHA-256 is replaced with SCRAM-SHA-512 or something else entirely, a user that bumps their driver to the latest pgjdbc would automatically get the newer recommendation.
If that doesn't make sense as valid use case or if you foresee misuse of it causing complication, then let's remove it.
This MR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [flow-bin](https://github.com/flowtype/flow-bin) ([changelog](https://github.com/facebook/flow/blob/master/Changelog.md)) | devDependencies | minor | [`^0.225.0` -> `^0.233.0`](https://renovatebot.com/diffs/npm/flow-bin/0.225.1/0.233.0) | | [org.postgresql:postgresql](https://jdbc.postgresql.org) ([source](https://github.com/pgjdbc/pgjdbc)) | build | patch | `42.7.1` -> `42.7.3` | | [org.liquibase.ext:liquibase-hibernate5](https://github.com/liquibase/liquibase-hibernate/wiki) ([source](https://github.com/liquibase/liquibase-hibernate)) | build | minor | `4.25.1` -> `4.27.0` | | [org.liquibase:liquibase-maven-plugin](http://www.liquibase.org/liquibase-maven-plugin) ([source](https://github.com/liquibase/liquibase)) | build | minor | `4.25.1` -> `4.27.0` | | [io.hypersistence:hypersistence-utils-hibernate-62](https://github.com/vladmihalcea/hypersistence-utils) | compile | patch | `3.7.0` -> `3.7.3` | | [org.hibernate.orm:hibernate-envers](https://hibernate.org/orm) ([source](https://github.com/hibernate/hibernate-orm)) | build | patch | `6.4.1.Final` -> `6.4.4.Final` | | [org.hibernate.orm:hibernate-core](https://hibernate.org/orm) ([source](https://github.com/hibernate/hibernate-orm)) | build | patch | `6.4.1.Final` -> `6.4.4.Final` | | [com.blazebit:blaze-persistence-bom](https://persistence.blazebit.com) ([source](https://github.com/Blazebit/blaze-persistence)) | import | patch | `1.6.10` -> `1.6.11` | | [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) | build | minor | `2.41.1` -> `2.43.0` | | [io.quarkus:quarkus-maven-plugin](https://github.com/quarkusio/quarkus) | build | minor | `3.6.4` -> `3.9.2` | | [io.quarkus:quarkus-universe-bom](https://github.com/quarkusio/quarkus-platform) | import | minor | `3.6.4` -> `3.9.2` | | [org.apache.maven.plugins:maven-compiler-plugin](https://maven.apache.org/plugins/) | build | minor | `3.12.1` -> `3.13.0` | --- ### Release Notes <details> <summary>flowtype/flow-bin</summary> ### [`v0.233.0`](https://github.com/flowtype/flow-bin/compare/6e34f048ec7f5146297e258a60250c8e5af37bcc...2ebcdf3a8f03993e8ccab9e9fb6742000b54f929) [Compare Source](https://github.com/flowtype/flow-bin/compare/6e34f048ec7f5146297e258a60250c8e5af37bcc...2ebcdf3a8f03993e8ccab9e9fb6742000b54f929) ### [`v0.232.0`](https://github.com/flowtype/flow-bin/compare/69ee58d99676a48984158d2cafcdb3b3f5ad5f15...6e34f048ec7f5146297e258a60250c8e5af37bcc) [Compare Source](https://github.com/flowtype/flow-bin/compare/69ee58d99676a48984158d2cafcdb3b3f5ad5f15...6e34f048ec7f5146297e258a60250c8e5af37bcc) ### [`v0.231.0`](https://github.com/flowtype/flow-bin/compare/5c84049e450b37833fca5b547c1c2cb678436ef1...69ee58d99676a48984158d2cafcdb3b3f5ad5f15) [Compare Source](https://github.com/flowtype/flow-bin/compare/5c84049e450b37833fca5b547c1c2cb678436ef1...69ee58d99676a48984158d2cafcdb3b3f5ad5f15) ### [`v0.230.0`](https://github.com/flowtype/flow-bin/compare/2c3181fa7aa928bd3735a7fad09e1be271c96c95...5c84049e450b37833fca5b547c1c2cb678436ef1) [Compare Source](https://github.com/flowtype/flow-bin/compare/2c3181fa7aa928bd3735a7fad09e1be271c96c95...5c84049e450b37833fca5b547c1c2cb678436ef1) ### [`v0.229.2`](https://github.com/flowtype/flow-bin/compare/82b999003b85e827cd4dd36a8d3593979f1a9599...2c3181fa7aa928bd3735a7fad09e1be271c96c95) [Compare Source](https://github.com/flowtype/flow-bin/compare/82b999003b85e827cd4dd36a8d3593979f1a9599...2c3181fa7aa928bd3735a7fad09e1be271c96c95) ### [`v0.229.0`](https://github.com/flowtype/flow-bin/compare/3d62fc76bf9b0ff63ec56d049c669958ef41f6b8...82b999003b85e827cd4dd36a8d3593979f1a9599) [Compare Source](https://github.com/flowtype/flow-bin/compare/3d62fc76bf9b0ff63ec56d049c669958ef41f6b8...82b999003b85e827cd4dd36a8d3593979f1a9599) ### [`v0.228.0`](https://github.com/flowtype/flow-bin/compare/15db2846c1c63d3f26905f51e8c96c801cbc017b...3d62fc76bf9b0ff63ec56d049c669958ef41f6b8) [Compare Source](https://github.com/flowtype/flow-bin/compare/15db2846c1c63d3f26905f51e8c96c801cbc017b...3d62fc76bf9b0ff63ec56d049c669958ef41f6b8) ### [`v0.227.0`](https://github.com/flowtype/flow-bin/compare/6fbe6faecdcb24e9ee660a0616705d46b9bd3c40...15db2846c1c63d3f26905f51e8c96c801cbc017b) [Compare Source](https://github.com/flowtype/flow-bin/compare/6fbe6faecdcb24e9ee660a0616705d46b9bd3c40...15db2846c1c63d3f26905f51e8c96c801cbc017b) ### [`v0.226.0`](https://github.com/flowtype/flow-bin/compare/23ec6163cf6921d4ef74da53e1aaf4a35f798384...6fbe6faecdcb24e9ee660a0616705d46b9bd3c40) [Compare Source](https://github.com/flowtype/flow-bin/compare/23ec6163cf6921d4ef74da53e1aaf4a35f798384...6fbe6faecdcb24e9ee660a0616705d46b9bd3c40) </details> <details> <summary>pgjdbc/pgjdbc</summary> ### [`v42.7.3`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#​4273-2024-04-14-145100--0400) ##### Changed - chore: gradle config enforces 17+ [MR #​3147](https://github.com/pgjdbc/pgjdbc/pull/3147) ##### Fixed - fix: boolean types not handled in SimpleQuery mode [MR #​3146](https://github.com/pgjdbc/pgjdbc/pull/3146) - make sure we handle boolean types in simple query mode - support uuid as well - handle all well known types in text mode and change `else if` to `switch` - fix: released new versions of 42.2.29, 42.3.10, 42.4.5, 42.5.6, 42.6.2 to deal with `NoSuchMethodError on ByteBuffer#position` when running on Java 8 ### [`v42.7.2`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#​4272-2024-02-21-082300--0500) ##### Security - security: SQL Injection via line comment generation, it is possible in `SimpleQuery` mode to generate a line comment by having a placeholder for a numeric with a `-` such as `-?`. There must be second placeholder for a string immediately after. Setting the parameter to a -ve value creates a line comment. This has been fixed in this version fixes [CVE-2024-1597](https://www.cve.org/CVERecord?id=CVE-2024-1597). Reported by [Paul Gerste](https://github.com/paul-gerste-sonarsource). See the [security advisory](https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56) for more details. This has been fixed in versions 42.7.2, 42.6.1 42.5.5, 42.4.4, 42.3.9, 42.2.28.jre7. See the security advisory for work arounds. ##### Changed - fix: Use simple query for isValid. Using Extended query sends two messages checkConnectionQuery was never ever set or used, removed [MR #​3101](https://github.com/pgjdbc/pgjdbc/pull/3101) - perf: Avoid autoboxing bind indexes by [@​bokken](https://github.com/bokken) in [MR #​1244](https://github.com/pgjdbc/pgjdbc/pull/1244) - refactor: Document that encodePassword will zero out the password array, and remove driver's default encodePassword by [@​vlsi](https://github.com/vlsi) in [MR #​3084](https://github.com/pgjdbc/pgjdbc/pull/3084) ##### Added - feat: Add PasswordUtil for encrypting passwords client side [MR #​3082](https://github.com/pgjdbc/pgjdbc/pull/3082) </details> <details> <summary>liquibase/liquibase</summary> ### [`v4.27.0`](https://github.com/liquibase/liquibase/blob/HEAD/changelog.txt#Liquibase-4270-is-a-major-release) [Compare Source](https://github.com/liquibase/liquibase/compare/v4.26.0...v4.27.0) > Liquibase 4.27.0 contains several New Capabilities and Notable Enhancements for Liquibase Pro users: DATABASECHANGELOGHISTORY table, Quality Checks Chains, Rollback Reports > See the [Liquibase 4.27.0 Release Notes](https://docs.liquibase.com/start/release-notes/liquibase-release-notes/liquibase-4.27.0.html) for the complete set of release information. ### [`v4.26.0`](https://github.com/liquibase/liquibase/blob/HEAD/changelog.txt#Liquibase-4260-is-a-major-release) [Compare Source](https://github.com/liquibase/liquibase/compare/v4.25.1...v4.26.0) > \[!IMPORTANT] > Liquibase 4.26.0 contains several Notable Changes for Liquibase Pro users: Advanced IF conditionals, Simpler Regex-based pattern checks, and Checks Run Reports. > \[!NOTE] > See the [Liquibase 4.26.0 Release Notes](https://docs.liquibase.com/start/release-notes/liquibase-4.26.0.html) for the complete set of release information. </details> <details> <summary>vladmihalcea/hypersistence-utils</summary> ### [`v3.7.3`](https://github.com/vladmihalcea/hypersistence-utils/blob/HEAD/changelog.txt#Version-373---February-16-2024) \================================================================================ "java.lang.ClassCastException: class \[Ljava.lang.String; cannot be cast to class \[B" thrown when using multiLoad with Hibernate 6.4 [#​700](https://github.com/vladmihalcea/hypersistence-utils/issues/700) ### [`v3.7.2`](https://github.com/vladmihalcea/hypersistence-utils/blob/HEAD/changelog.txt#Version-372---February-08-2024) \================================================================================ Expecting BasicPluralJavaType for array class \[Ljava.util.UUID;, but got \`com.vladmihalcea.hibernate.type.array.internal.UUIDArrayTypeDescriptor error with Hibernate 6.4 [#​698](https://github.com/vladmihalcea/hypersistence-utils/issues/698) ### [`v3.7.1`](https://github.com/vladmihalcea/hypersistence-utils/blob/HEAD/changelog.txt#Version-371---January-30-2024) \================================================================================ Add support for Hibernate 6.4 [#​685](https://github.com/vladmihalcea/hypersistence-utils/issues/685) Remove hypersistence-utils-hibernate-5 module [#​693](https://github.com/vladmihalcea/hypersistence-utils/issues/693) </details> <details> <summary>hibernate/hibernate-orm</summary> ### [`v6.4.4.Final`](https://github.com/hibernate/hibernate-orm/compare/6.4.3...6.4.4) [Compare Source](https://github.com/hibernate/hibernate-orm/compare/6.4.3...6.4.4) ### [`v6.4.3.Final`](https://github.com/hibernate/hibernate-orm/compare/6.4.2...6.4.3) [Compare Source](https://github.com/hibernate/hibernate-orm/compare/6.4.2...6.4.3) ### [`v6.4.2.Final`](https://github.com/hibernate/hibernate-orm/compare/6.4.1...6.4.2) [Compare Source](https://github.com/hibernate/hibernate-orm/compare/6.4.1...6.4.2) </details> <details> <summary>Blazebit/blaze-persistence</summary> ### [`v1.6.11`](https://github.com/Blazebit/blaze-persistence/blob/HEAD/CHANGELOG.md#​1611) [Compare Source](https://github.com/Blazebit/blaze-persistence/compare/1.6.10...1.6.11) 10/01/2024 - [Release tag](https://github.com/Blazebit/blaze-persistence/releases/tag/1.6.11) [Resolved issues](https://github.com/Blazebit/blaze-persistence/issues?q=is%3Aissue+milestone%3A1.6.11+is%3Aclosed+sort%3Aupdated-desc) ##### New features - Special case mappings with limit of 1 to use `=` instead of `IN` predicate - Added support for extended GraphlQL types, for example support DateTime (please read `Backwards-incompatible changes` below ) ##### Bug fixes - Fix over-fetching of entity view data with dynamic fetches - Fix Spring 6.1 compatibility - Fix Hibernate 6.4.0.Final compatibility - Disallow repository sorting by anything other than entity or entity view attribute paths ##### Backwards-incompatible changes - If you use the GraphQL integration and you are loading the [graphql-java-extended-scalars](https://github.com/graphql-java/graphql-java-extended-scalars), you might need to migrate your `LocalDataTime` EntityViews to `OffsetDateTime`. Dates will no longer be represented as String in the GraphQl-Schema, but as [DateTime](https://the-guild.dev/graphql/scalars/docs/scalars/date-time). </details> <details> <summary>diffplug/spotless</summary> ### [`v2.43.0`](https://github.com/diffplug/spotless/blob/HEAD/CHANGES.md#​2430---2023-11-27) ##### Added - Support custom rule sets for Ktlint. ([#​1896](https://github.com/diffplug/spotless/pull/1896)) ##### Fixed - Fix Eclipse JDT on some settings files. ([#​1864](https://github.com/diffplug/spotless/pull/1864) fixes [#​1638](https://github.com/diffplug/spotless/issues/1638)) ##### Changes - Bump default `ktlint` version to latest `1.0.0` -> `1.0.1`. ([#​1855](https://github.com/diffplug/spotless/pull/1855)) - Add a Step to remove semicolons from Groovy files. ([#​1881](https://github.com/diffplug/spotless/pull/1881)) ### [`v2.42.0`](https://github.com/diffplug/spotless/blob/HEAD/CHANGES.md#​2420---2023-09-28) ##### Added - Support for biome. The Rome project [was renamed to Biome](https://biomejs.dev/blog/annoucing-biome/). The configuration is still the same, but you should switch to the new `biome` tag / function and adjust the version accordingly. ([#​1804](https://github.com/diffplug/spotless/issues/1804)). - Support for `google-java-format`'s `skip-javadoc-formatting` option. ([#​1793](https://github.com/diffplug/spotless/pull/1793)) - Support configuration of mirrors for P2 repositories in Maven DSL ([#​1697](https://github.com/diffplug/spotless/issues/1697)). - New line endings mode `GIT_ATTRIBUTES_FAST_ALLSAME`. ([#​1838](https://github.com/diffplug/spotless/pull/1838)) ##### Fixed - Fix support for plugins when using Prettier version `3.0.0` and newer. ([#​1802](https://github.com/diffplug/spotless/pull/1802)) - Fix configuration cache issue around `external process started '/usr/bin/git --version'`. ([#​1806](https://github.com/diffplug/spotless/issues/1806)) ##### Changes - Bump default `flexmark` version to latest `0.64.0` -> `0.64.8`. ([#​1801](https://github.com/diffplug/spotless/pull/1801)) - Bump default `ktlint` version to latest `0.50.0` -> `1.0.0`. ([#​1808](https://github.com/diffplug/spotless/pull/1808)) </details> <details> <summary>quarkusio/quarkus</summary> ### [`v3.9.2`](https://github.com/quarkusio/quarkus/releases/tag/3.9.2) [Compare Source](https://github.com/quarkusio/quarkus/compare/3.9.1...3.9.2) ##### Complete changelog - [#​38964](https://github.com/quarkusio/quarkus/pull/38964) - Add smallrye metrics capability - [#​39668](https://github.com/quarkusio/quarkus/pull/39668) - Recompute cache when the redis connection pool is exhausted - [#​39705](https://github.com/quarkusio/quarkus/pull/39705) - WebSockets Next: error handlers part 1 - [#​39717](https://github.com/quarkusio/quarkus/issues/39717) - OIDC code flow access token verification is enforced even if the application code does not use it as JWT - [#​39718](https://github.com/quarkusio/quarkus/pull/39718) - Enforce OIDC code flow access token verification only if JWT is in the application code - [#​39725](https://github.com/quarkusio/quarkus/pull/39725) - Setting the correct CodeFlowVerifyAccessTokenDisabledTest test class name - [#​39742](https://github.com/quarkusio/quarkus/pull/39742) - Fix a remaining reference to quarkus.resteasy-reactive. prefix - [#​39746](https://github.com/quarkusio/quarkus/issues/39746) - ScheduledExecutorService: cannot remove future task from the scheduler - [#​39763](https://github.com/quarkusio/quarkus/pull/39763) - WebSockets Next: error handlers part 2 - [#​39766](https://github.com/quarkusio/quarkus/pull/39766) - Properly handle array class types to be looked up - [#​39770](https://github.com/quarkusio/quarkus/pull/39770) - Improve the multipart encoded mode handling in the rest client - [#​39776](https://github.com/quarkusio/quarkus/issues/39776) - Cannot build native image after 3.9.1 upgrade - missing configuration properties but they exist - [#​39777](https://github.com/quarkusio/quarkus/issues/39777) - Bean Param init issue - java.lang.NoClassDefFoundError: io/quarkus/generated/int$quarkusrestparamConverter$ - [#​39790](https://github.com/quarkusio/quarkus/pull/39790) - Add quarkus-credentials-deployment where it's missing - [#​39794](https://github.com/quarkusio/quarkus/pull/39794) - Bump org.jboss.threads:jboss-threads from 3.6.0.Final to 3.6.1.Final - [#​39797](https://github.com/quarkusio/quarkus/pull/39797) - Docs: fix typo in OIDC tenant resolution by configuration - [#​39798](https://github.com/quarkusio/quarkus/issues/39798) - Update documentation for QUARKUS AND GRADLE - Development mode: quarkusDev#workingDir has been deprecated - [#​39804](https://github.com/quarkusio/quarkus/pull/39804) - Always record profiles - [#​39823](https://github.com/quarkusio/quarkus/pull/39823) - Ensure ParameterConverter is loaded from the TCCL - [#​39829](https://github.com/quarkusio/quarkus/pull/39829) - Use quarkusDev#workingDirectory - [#​39835](https://github.com/quarkusio/quarkus/pull/39835) - Bump maven-model-helper to 36 ### [`v3.9.1`](https://github.com/quarkusio/quarkus/releases/tag/3.9.1) [Compare Source](https://github.com/quarkusio/quarkus/compare/3.9.0...3.9.1) ##### Complete changelog - [#​25682](https://github.com/quarkusio/quarkus/issues/25682) - Dev Services for Postgresql not working with Rancher - [#​36736](https://github.com/quarkusio/quarkus/pull/36736) - Manage Jose4j dependency in the bom - [#​36737](https://github.com/quarkusio/quarkus/issues/36737) - Add OpenAPI Filter usage to documentation - [#​39088](https://github.com/quarkusio/quarkus/issues/39088) - Solve POM formatting issues when creating project/adding extension/removing extension - [#​39224](https://github.com/quarkusio/quarkus/issues/39224) - WebSockets Next: support method parameter injection - [#​39313](https://github.com/quarkusio/quarkus/issues/39313) - prod-profile configuration pollutes test profile in integration tests - [#​39371](https://github.com/quarkusio/quarkus/pull/39371) - Avoid resolving plugin command after the first option - [#​39382](https://github.com/quarkusio/quarkus/pull/39382) - Preserve POM format when extensions are added/removed - [#​39385](https://github.com/quarkusio/quarkus/issues/39385) - smallrye-health should hande the case when Vert.x current context is null - [#​39388](https://github.com/quarkusio/quarkus/issues/39388) - Hibernate runtime property persisting after build - [#​39394](https://github.com/quarkusio/quarkus/pull/39394) - Handle null Vert.x context in smallrye-health - [#​39426](https://github.com/quarkusio/quarkus/pull/39426) - Do not record active profile configuration name if a profile one exists - [#​39443](https://github.com/quarkusio/quarkus/pull/39443) - Use Quarkus wide version of jna-platform in azure-functions - [#​39496](https://github.com/quarkusio/quarkus/issues/39496) - Gradle build cache prevents source packages to be installed to local Maven repository - [#​39513](https://github.com/quarkusio/quarkus/issues/39513) - `@SecureField` in members of the response class isn't applied - [#​39528](https://github.com/quarkusio/quarkus/issues/39528) - (Doc issue) Getting token using blocking or non blocking calls - [#​39544](https://github.com/quarkusio/quarkus/issues/39544) - OidcClient: Getting exception when trying to use tokenHelper - [#​39546](https://github.com/quarkusio/quarkus/issues/39546) - Make maxParameters of MultiPartUploadHandler configurable - [#​39549](https://github.com/quarkusio/quarkus/pull/39549) - Make max parameters of multipart handling configurable - [#​39564](https://github.com/quarkusio/quarkus/pull/39564) - Fix Quarkus REST Jackson `@SecureField` detection on subclasses, interface implementors, fileds of the fields, parametrized types and arrays - [#​39572](https://github.com/quarkusio/quarkus/pull/39572) - Remove mvnpm and webjars from the 404 page - [#​39574](https://github.com/quarkusio/quarkus/pull/39574) - Add a section about openapi filters in the doc - [#​39576](https://github.com/quarkusio/quarkus/pull/39576) - Fix semconv-stability.opt-in property name - [#​39578](https://github.com/quarkusio/quarkus/pull/39578) - Update quarkus-project-develocity-extension to 1.0.7 - [#​39579](https://github.com/quarkusio/quarkus/pull/39579) - Don't run CDI interceptors on class-level exception mappers - [#​39580](https://github.com/quarkusio/quarkus/pull/39580) - Fix directory name in vertx.adoc - [#​39581](https://github.com/quarkusio/quarkus/issues/39581) - The http metrics provide a path instead of REDIRECTION and NOT_FOUND when possible - [#​39583](https://github.com/quarkusio/quarkus/pull/39583) - Keep the URIs in the metrics tag if they match a client or server pattern - [#​39586](https://github.com/quarkusio/quarkus/issues/39586) - RestMulti is not sending headers if there is no content - [#​39587](https://github.com/quarkusio/quarkus/pull/39587) - Properly use headers from RestMulti when the multi is empty - [#​39589](https://github.com/quarkusio/quarkus/pull/39589) - Only Add OTel Security Events when span is recording - [#​39594](https://github.com/quarkusio/quarkus/pull/39594) - Redis: add documentation for replicas usage - [#​39595](https://github.com/quarkusio/quarkus/pull/39595) - Update one of OIDC certificate chain tests to use TenantConfigResolver - [#​39598](https://github.com/quarkusio/quarkus/issues/39598) - ClassNotFoundException for beanparam class with generics in external artifact - [#​39599](https://github.com/quarkusio/quarkus/issues/39599) - JsonObject is empty when used with resteasy-reactive - [#​39604](https://github.com/quarkusio/quarkus/pull/39604) - Do not record local sources in runtime config defaults. - [#​39615](https://github.com/quarkusio/quarkus/pull/39615) - Allow JsonObject and JsonArray to be used in any POJO for JSON handling - [#​39623](https://github.com/quarkusio/quarkus/issues/39623) - Type not consistent in sample code - [#​39626](https://github.com/quarkusio/quarkus/pull/39626) - Update parameter type to be consistent across the doc - [#​39628](https://github.com/quarkusio/quarkus/pull/39628) - Bump smallrye-jwt.version from 4.4.0 to 4.5.0 - [#​39630](https://github.com/quarkusio/quarkus/pull/39630) - Bump smallrye-reactive-messaging.version from 4.18.0 to 4.19.0 - [#​39638](https://github.com/quarkusio/quarkus/pull/39638) - Avoid all caching in DevModeClient - [#​39642](https://github.com/quarkusio/quarkus/pull/39642) - WebSocket Next: endpoint callback arguments injection - [#​39645](https://github.com/quarkusio/quarkus/pull/39645) - Improve the OIDC Client Quickstart document - [#​39651](https://github.com/quarkusio/quarkus/pull/39651) - Bump io.quarkus.bot:build-reporter-maven-extension from 3.5.0 to 3.6.0 - [#​39656](https://github.com/quarkusio/quarkus/pull/39656) - Bump maven-model-helper to 35 - [#​39661](https://github.com/quarkusio/quarkus/pull/39661) - Fix property name in OIDC docs - [#​39679](https://github.com/quarkusio/quarkus/pull/39679) - Bump mime4j version to 0.8.11 - [#​39682](https://github.com/quarkusio/quarkus/pull/39682) - Fix postgres datasource devservice not working with rancher-desktop on mac arm - [#​39691](https://github.com/quarkusio/quarkus/pull/39691) - Fix dev-mode issue with generated classes for Quarkus REST converters - [#​39699](https://github.com/quarkusio/quarkus/issues/39699) - UpxCompressionBuildStep Not Executed Since Quarkus 3.8.2 - [#​39702](https://github.com/quarkusio/quarkus/pull/39702) - Bring back erroneously removed `@BuildStep` - [#​39706](https://github.com/quarkusio/quarkus/pull/39706) - Use --no-daemon when calling gradle update ### [`v3.9.0`](https://github.com/quarkusio/quarkus/releases/tag/3.9.0) [Compare Source](https://github.com/quarkusio/quarkus/compare/3.8.3...3.9.0) ##### Complete changelog - [#​25101](https://github.com/quarkusio/quarkus/issues/25101) - \[CI] - quarkus-devtools-compat + Quarkus main - [#​27374](https://github.com/quarkusio/quarkus/issues/27374) - Update Quarkus CLI doc for installing specific version of the CLI to avoid printing warnings - [#​39144](https://github.com/quarkusio/quarkus/issues/39144) - WebSockets Next: documentation - [#​39315](https://github.com/quarkusio/quarkus/issues/39315) - `@ConfigMapping` handling of Maps is not compatible with old config classes - [#​39344](https://github.com/quarkusio/quarkus/issues/39344) - Avro schemas aren't generated in isolation - [#​39345](https://github.com/quarkusio/quarkus/pull/39345) - Isolate Avro schema code generation when using multiple schema files - [#​39363](https://github.com/quarkusio/quarkus/pull/39363) - Initial version of the WebSocket Next documentation - [#​39413](https://github.com/quarkusio/quarkus/pull/39413) - Refresh documentation (and some tests) of the Hibernate Search + ORM extension - [#​39427](https://github.com/quarkusio/quarkus/issues/39427) - Enforce authorization code flow access token verification if `JsonWebToken` is injected - [#​39428](https://github.com/quarkusio/quarkus/issues/39428) - Enforce OIDC UserInfo acquisition if `UserInfo` is injected - [#​39441](https://github.com/quarkusio/quarkus/issues/39441) - RESTEasy Reactive dependency added to deployment classpath of nearly all Quarkus apps - [#​39445](https://github.com/quarkusio/quarkus/pull/39445) - Remove Quarkus REST deployment dependency from Vertx HTTP deployment - [#​39447](https://github.com/quarkusio/quarkus/pull/39447) - Save concat indy allocations on JarResource::getResourceURL - [#​39454](https://github.com/quarkusio/quarkus/pull/39454) - Bump org.jboss.threads:jboss-threads from 3.5.1.Final to 3.6.0.Final - [#​39458](https://github.com/quarkusio/quarkus/pull/39458) - Enforce OIDC UserInfo acquisition and authorization code flow access token verification if UserInfo and JsonWebToken beans are injected - [#​39467](https://github.com/quarkusio/quarkus/pull/39467) - Fix codestarts compatibility with older CLI - [#​39468](https://github.com/quarkusio/quarkus/issues/39468) - ChainBuildException - Cycle detected after [#​39352](https://github.com/quarkusio/quarkus/issues/39352) MR - [#​39470](https://github.com/quarkusio/quarkus/pull/39470) - Remove the old MetricBuildItem SPI - [#​39471](https://github.com/quarkusio/quarkus/pull/39471) - Update to Vert.x 4.5.5 - [#​39472](https://github.com/quarkusio/quarkus/pull/39472) - Update SmallRye Config to 3.7.0 - [#​39474](https://github.com/quarkusio/quarkus/pull/39474) - Use explicit jar reference instead of GAV to avoid duplicate log warning - [#​39476](https://github.com/quarkusio/quarkus/pull/39476) - Fix the broken link to the OIDC client reference doc - [#​39477](https://github.com/quarkusio/quarkus/pull/39477) - Adjust toggle names in OTel InstrumentBuildTimeConfig - [#​39479](https://github.com/quarkusio/quarkus/issues/39479) - 3.9.0.CR2: NoClassDefFoundError: io/quarkus/security/spi/runtime/SecurityEvent - [#​39480](https://github.com/quarkusio/quarkus/pull/39480) - Fix security spi dependency on OTel - [#​39487](https://github.com/quarkusio/quarkus/pull/39487) - Allow occasional pin events in ShouldNotPin - [#​39491](https://github.com/quarkusio/quarkus/pull/39491) - Ignore the split access and refresh token cookies for resolving the tenant - [#​39519](https://github.com/quarkusio/quarkus/issues/39519) - OpenTelemetry - respect proxy settings in VertxGrpcExporter and VertxHttpExporter - [#​39522](https://github.com/quarkusio/quarkus/pull/39522) - Fix typos in rest doc - [#​39530](https://github.com/quarkusio/quarkus/pull/39530) - Update profile section in building-native-image.adoc - [#​39531](https://github.com/quarkusio/quarkus/pull/39531) - Use SmallRye Commons Inet - [#​39533](https://github.com/quarkusio/quarkus/issues/39533) - Class loader leak in configuration - [#​39536](https://github.com/quarkusio/quarkus/pull/39536) - Bump org.postgresql:postgresql from 42.7.2 to 42.7.3 - [#​39541](https://github.com/quarkusio/quarkus/pull/39541) - Update SmallRye Config to 3.7.1 - [#​39543](https://github.com/quarkusio/quarkus/pull/39543) - Enable proxy configuration for OpenTelemetry exporters - [#​39562](https://github.com/quarkusio/quarkus/pull/39562) - Bump io.smallrye.config:smallrye-config-source-yaml from 3.7.0 to 3.7.1 in /devtools/gradle ### [`v3.8.3`](https://github.com/quarkusio/quarkus/releases/tag/3.8.3) [Compare Source](https://github.com/quarkusio/quarkus/compare/3.8.2...3.8.3) ##### Complete changelog - [#​25453](https://github.com/quarkusio/quarkus/issues/25453) - Mutiny is not compatible with quarkus opentelemetry - [#​31497](https://github.com/quarkusio/quarkus/issues/31497) - Enabled micrometer.binder.http-server should also capture parameterized sub-resources - [#​39047](https://github.com/quarkusio/quarkus/issues/39047) - Reactive pg datasource with enabled health check opens more connections than configured - [#​39145](https://github.com/quarkusio/quarkus/issues/39145) - Hibernate schema validation is flaky and fails due missing tables (while the tables are present) - [#​39162](https://github.com/quarkusio/quarkus/pull/39162) - Add mapping to a Map\<String, ConfigObject> in the documentation - [#​39178](https://github.com/quarkusio/quarkus/pull/39178) - Update grpc-service-implementation.adoc - [#​39192](https://github.com/quarkusio/quarkus/pull/39192) - Make HTTP templates for observability work with subresources - [#​39197](https://github.com/quarkusio/quarkus/issues/39197) - Qute is not adding the right NativeImageResourceBuildItem when using a custom template root - [#​39204](https://github.com/quarkusio/quarkus/issues/39204) - Update partial extension names to include full extension names - [#​39216](https://github.com/quarkusio/quarkus/pull/39216) - Unwrap processing exception from REST Client when returning a Uni - [#​39223](https://github.com/quarkusio/quarkus/pull/39223) - Fix WithSpan uni and multi - [#​39225](https://github.com/quarkusio/quarkus/pull/39225) - Upgrade to Mutiny 2.5.8 - [#​39242](https://github.com/quarkusio/quarkus/issues/39242) - e quarkus-azure-functions-http generationg function.json with missing method. - [#​39245](https://github.com/quarkusio/quarkus/issues/39245) - dev-ui shows wrong property for rest-client - [#​39251](https://github.com/quarkusio/quarkus/pull/39251) - Make mutiny version of pool use the already configured vertx pool - [#​39252](https://github.com/quarkusio/quarkus/pull/39252) - Explicitly set all HTTP methods for Azure Functions - [#​39255](https://github.com/quarkusio/quarkus/pull/39255) - Fix config key for dev-ui - [#​39257](https://github.com/quarkusio/quarkus/issues/39257) - Quarkus 3.8.1: Use GraalVM sdk 23.1.2 over 23.0.1 - [#​39260](https://github.com/quarkusio/quarkus/pull/39260) - Bump GraalVM SDK version to 23.1.2 - [#​39265](https://github.com/quarkusio/quarkus/pull/39265) - Properly support sending InputStream in REST Client - [#​39266](https://github.com/quarkusio/quarkus/issues/39266) - ./mvnw --file $(pwd)/./pom.xml broken since quarkus 3.7.1 - [#​39270](https://github.com/quarkusio/quarkus/issues/39270) - Update the title of dev-ui.adoc - [#​39271](https://github.com/quarkusio/quarkus/pull/39271) - Update the title of dev-ui.adoc and fix minor typos - [#​39294](https://github.com/quarkusio/quarkus/pull/39294) - Qute: add correct NativeImageResourceBuildItem for custom template root - [#​39309](https://github.com/quarkusio/quarkus/pull/39309) - Normalize POM path - [#​39310](https://github.com/quarkusio/quarkus/issues/39310) - Wrong reference on list of injected beans - [#​39311](https://github.com/quarkusio/quarkus/pull/39311) - Be more consistent with extension names in datasource.adoc - [#​39316](https://github.com/quarkusio/quarkus/issues/39316) - Empty container-group not allowed in Quarkus 3.8.2 - [#​39319](https://github.com/quarkusio/quarkus/pull/39319) - org.graalvm.js:js was renamed to org.graalvm.polyglot:js-community - [#​39337](https://github.com/quarkusio/quarkus/pull/39337) - Fix rest-client-mutiny mention in the docs - [#​39350](https://github.com/quarkusio/quarkus/issues/39350) - Exception when building application with a lot of dependencies, String too large to record error - [#​39352](https://github.com/quarkusio/quarkus/pull/39352) - Make Hibernate / Micrometer integration run after schema creation - [#​39353](https://github.com/quarkusio/quarkus/pull/39353) - Allow config empty values in the Gradle worker - [#​39354](https://github.com/quarkusio/quarkus/pull/39354) - Add note about pre-matching filters execution model - [#​39368](https://github.com/quarkusio/quarkus/issues/39368) - Submodule on second level fails to find itself in dev mode - [#​39372](https://github.com/quarkusio/quarkus/pull/39372) - Replace `org.graalvm.sdk:graal-sdk` dependency with `org.graalvm.sdk:nativeimage` - [#​39379](https://github.com/quarkusio/quarkus/pull/39379) - Bump org.apache.commons:commons-compress from 1.26.0 to 1.26.1 - [#​39383](https://github.com/quarkusio/quarkus/pull/39383) - Typo at OIDC Client Mutual TLS config properties - [#​39386](https://github.com/quarkusio/quarkus/pull/39386) - Update to Brotli4J 1.16.0 - [#​39402](https://github.com/quarkusio/quarkus/pull/39402) - ArC: fix creation of synthetic beans - [#​39411](https://github.com/quarkusio/quarkus/pull/39411) - Fix typo in Building my first extension - [#​39418](https://github.com/quarkusio/quarkus/pull/39418) - Use the value of project/default-codestart from the platform descriptor as the default codestart instead of a hardcoded value - [#​39430](https://github.com/quarkusio/quarkus/pull/39430) - Fix misleading error message when REST Client interface has been indexed - [#​39434](https://github.com/quarkusio/quarkus/pull/39434) - Qute: fix the NoRestartTemplatesDevModeTest on Windows - [#​39437](https://github.com/quarkusio/quarkus/pull/39437) - Make sure the current project location isn't overridden by other modules with the same groupId and artifactId - [#​39440](https://github.com/quarkusio/quarkus/issues/39440) - graal-sdk in 23.1.x brings in `org.graalvm.polyglot` which causes a couple of issues (wrap up) - [#​39442](https://github.com/quarkusio/quarkus/pull/39442) - Exclude org.graalvm.polyglot:polyglot from graal-sdk ### [`v3.8.2`](https://github.com/quarkusio/quarkus/releases/tag/3.8.2) [Compare Source](https://github.com/quarkusio/quarkus/compare/3.8.1...3.8.2) ##### Complete changelog - [#​19849](https://github.com/quarkusio/quarkus/issues/19849) - Reactive rest client invoke MessageBodyReader.isReadable with null value of annotations parameter - [#​27999](https://github.com/quarkusio/quarkus/issues/27999) - quarkus.datasource."datasource-name".jdbc.min-size not honored if max-lifetime is set - [#​35993](https://github.com/quarkusio/quarkus/issues/35993) - Event-loop thread blocked when connecting to an unavailable OIDC server - [#​37984](https://github.com/quarkusio/quarkus/issues/37984) - Custom SecretsKeyHandler not found after update to 3.6.4 - [#​38007](https://github.com/quarkusio/quarkus/issues/38007) - Failure to resolve encrypted configuration properties with the Gradle plugin - [#​38392](https://github.com/quarkusio/quarkus/issues/38392) - Application.properties string substitution does not work when using gradle variables - [#​38424](https://github.com/quarkusio/quarkus/issues/38424) - application-test.yml is not utilized during tests executed during gradle build - [#​38435](https://github.com/quarkusio/quarkus/pull/38435) - Fix CLI not recognizing installed plugins - [#​38900](https://github.com/quarkusio/quarkus/pull/38900) - Bump Smallrye Reactive Messaging from 4.16.2 to 4.17.0 - [#​38971](https://github.com/quarkusio/quarkus/pull/38971) - Clarify that `quarkus.profile` cannot be set from a profile aware file - [#​38988](https://github.com/quarkusio/quarkus/pull/38988) - Do not expand configuration for Gradle cache - [#​38989](https://github.com/quarkusio/quarkus/issues/38989) - cert chain public key resolver thumbprints - [#​39001](https://github.com/quarkusio/quarkus/pull/39001) - Update to Vert.x 4.5.4 and Netty 4.1.107 - [#​39021](https://github.com/quarkusio/quarkus/pull/39021) - Upgrade to testcontainers 1.19.6 - [#​39023](https://github.com/quarkusio/quarkus/pull/39023) - Remove selector field from generated Job manifest in docs - [#​39041](https://github.com/quarkusio/quarkus/issues/39041) - JAX-RS seeOther does not work with IPv6 - [#​39046](https://github.com/quarkusio/quarkus/pull/39046) - Make sure Response and RestResponse work properly with IPv6 addresses - [#​39057](https://github.com/quarkusio/quarkus/pull/39057) - Skip analysis of plugin executions with phases post quarkus:dev preparing for dev mode launch - [#​39059](https://github.com/quarkusio/quarkus/issues/39059) - Exception in blocking graphql query is wrapped - [#​39063](https://github.com/quarkusio/quarkus/pull/39063) - Fix the OIDC token verification failure with the inlined cert chain - [#​39067](https://github.com/quarkusio/quarkus/pull/39067) - Updates to Infinispan 14.0.25.Final - [#​39068](https://github.com/quarkusio/quarkus/pull/39068) - Optionally run DNS lookup for OIDC server requests on worker thread - [#​39069](https://github.com/quarkusio/quarkus/pull/39069) - Do not fail UPX if compression level is not given - [#​39070](https://github.com/quarkusio/quarkus/pull/39070) - Doc: add Pulsar in Dev Services Overview - [#​39072](https://github.com/quarkusio/quarkus/pull/39072) - Update to Agroal 2.3 - [#​39078](https://github.com/quarkusio/quarkus/pull/39078) - Unwrap actual GraphQL data fetching exception if it is wrapped - [#​39093](https://github.com/quarkusio/quarkus/pull/39093) - Fix cross-references in the Vert.x Reference Guide - [#​39094](https://github.com/quarkusio/quarkus/pull/39094) - Emphasize the need to add quarkus-junit5-mockito as a dependency to use mock injection - [#​39102](https://github.com/quarkusio/quarkus/pull/39102) - Properly pass annotations to MessageBodyReader in REST Client - [#​39120](https://github.com/quarkusio/quarkus/issues/39120) - Startup fails with Kafka Stream if topics for topics check not defined when check is disabled - [#​39121](https://github.com/quarkusio/quarkus/pull/39121) - Do not fail on resolve kafka streams topics when topics check disabled - [#​39122](https://github.com/quarkusio/quarkus/pull/39122) - Use bcrypt password mapper in elytron-security-jdbc docs - [#​39123](https://github.com/quarkusio/quarkus/issues/39123) - Quarkus Dev Services passes wrong volume path to Docker on Windows - [#​39130](https://github.com/quarkusio/quarkus/issues/39130) - When building images with jib the fast-jar-lib layer is always changed - [#​39136](https://github.com/quarkusio/quarkus/pull/39136) - Fix wrong volume host path being used on Windows - [#​39147](https://github.com/quarkusio/quarkus/pull/39147) - Keep the timestamps when copying jars and building JIB layers - [#​39160](https://github.com/quarkusio/quarkus/pull/39160) - Fail on conflicting deployment kinds - [#​39168](https://github.com/quarkusio/quarkus/pull/39168) - Remove misleading note from jacoco.enabled - [#​39169](https://github.com/quarkusio/quarkus/issues/39169) - Unable to produce multiple synthetic beans of same type having different identifiers - [#​39179](https://github.com/quarkusio/quarkus/pull/39179) - Allow setting the SettingsDecrypter when initializing a Maven artifact resolver - [#​39181](https://github.com/quarkusio/quarkus/pull/39181) - ArC: fix BeanConfiguratorBase#read() - [#​39201](https://github.com/quarkusio/quarkus/pull/39201) - Bump quarkus-http.version from 5.2.0.Final to 5.2.1.Final - [#​39203](https://github.com/quarkusio/quarkus/pull/39203) - Fix typo in testing Getting Started guide example ### [`v3.8.1`](https://github.com/quarkusio/quarkus/releases/tag/3.8.1) [Compare Source](https://github.com/quarkusio/quarkus/compare/3.8.0...3.8.1) ##### Complete changelog - [#​5314](https://github.com/quarkusio/quarkus/issues/5314) - Subresouce init resource failed when using `ResourceContext.getResource` - [#​36427](https://github.com/quarkusio/quarkus/issues/36427) - Keycloak admin client fail with "authHeader" is null when using classic extensions - [#​37065](https://github.com/quarkusio/quarkus/issues/37065) - Azure Functions Http: missing HTTP method definitions for delete and patch - [#​37779](https://github.com/quarkusio/quarkus/issues/37779) - No healthcheck for default Agroal datasource if `quarkus.datasource.db-kind` is not set - [#​37962](https://github.com/quarkusio/quarkus/issues/37962) - Can't specify custom quarkus.profile when running tests - [#​38557](https://github.com/quarkusio/quarkus/issues/38557) - Overwriting application configuration does not work with .env File - [#​38798](https://github.com/quarkusio/quarkus/issues/38798) - Using custom header in REST client together with `@NotBody` annotated argument results in warning from EndpointIndexer - [#​38880](https://github.com/quarkusio/quarkus/issues/38880) - CronJob deployment doesn't work due to `selector` field - [#​38881](https://github.com/quarkusio/quarkus/pull/38881) - Remove selector field if it's empty from manifest - [#​38891](https://github.com/quarkusio/quarkus/pull/38891) - Reduce message log level - [#​38895](https://github.com/quarkusio/quarkus/pull/38895) - Make VertxGrpcExporter more robust - [#​38899](https://github.com/quarkusio/quarkus/pull/38899) - Fix Keycloak Admin Client Classic when used with the RESTEasy JSON-B and REST Client JSON-B extensions - [#​38901](https://github.com/quarkusio/quarkus/issues/38901) - OidcProvider throws NPE when certificate chain is configured with OIDC server which has no JWK keys at the startup - [#​38909](https://github.com/quarkusio/quarkus/pull/38909) - Bump org.postgresql:postgresql from 42.7.1 to 42.7.2 - [#​38923](https://github.com/quarkusio/quarkus/pull/38923) - Allow all HTTP methods in Azure functions - [#​38925](https://github.com/quarkusio/quarkus/pull/38925) - Improve shutdown of VertxHttpExporter and VertxGrpcExporter - [#​38927](https://github.com/quarkusio/quarkus/pull/38927) - Use supplier in order to properly have mutiny retry - [#​38928](https://github.com/quarkusio/quarkus/issues/38928) - quarkus-quartz: CDIAwareJob destroys instance of Quartz Job too early when Job is a `@Dependent` bean - [#​38932](https://github.com/quarkusio/quarkus/pull/38932) - Fix NPE when OIDC token must be verified with the chain with OIDC server returning no JWKs - [#​38934](https://github.com/quarkusio/quarkus/issues/38934) - Agroal Data Source Health check failing for reactive data source - [#​38935](https://github.com/quarkusio/quarkus/pull/38935) - Upgrade to Mutiny 2.5.7 - [#​38938](https://github.com/quarkusio/quarkus/pull/38938) - Propagate user.dir to Gradle worker - [#​38944](https://github.com/quarkusio/quarkus/pull/38944) - Bump smallrye-open-api.version from 3.9.0 to 3.10.0 - [#​38949](https://github.com/quarkusio/quarkus/issues/38949) - Postgresql bump causing detection of instance Random/SplittableRandom - [#​38952](https://github.com/quarkusio/quarkus/issues/38952) - Properly pass errors from JsonRPC backends to Dev UI - [#​38953](https://github.com/quarkusio/quarkus/pull/38953) - Unwrap the actual failure from JsonRPC if it's wrapped - [#​38955](https://github.com/quarkusio/quarkus/pull/38955) - Try to get more disk space - [#​38957](https://github.com/quarkusio/quarkus/pull/38957) - Quartz - fix `@Dependent` job creation/destruction when there is a re-fire - [#​38958](https://github.com/quarkusio/quarkus/pull/38958) - Runtime reinitialize org.postgresql.util.PasswordUtil$SecureRandomHolder - [#​38959](https://github.com/quarkusio/quarkus/pull/38959) - Agroal - Only generate health checks for JDBC datasources - [#​38978](https://github.com/quarkusio/quarkus/pull/38978) - Bump org.mariadb.jdbc:mariadb-java-client from 3.3.2 to 3.3.3 - [#​38979](https://github.com/quarkusio/quarkus/pull/38979) - Propagate quarkus.test.profile to Gradle worker - [#​38986](https://github.com/quarkusio/quarkus/pull/38986) - Add missing brace in property expression - [#​38990](https://github.com/quarkusio/quarkus/issues/38990) - Quarkus 3.7.4 java.lang.ClassNotFoundException when running devsevices with gradle - [#​38995](https://github.com/quarkusio/quarkus/pull/38995) - Take client methods into account in server endpoint indexer - [#​38997](https://github.com/quarkusio/quarkus/pull/38997) - Add hint about exporter collector protocol on generic gRPC error - [#​38999](https://github.com/quarkusio/quarkus/pull/38999) - Remove JetBrains `@Nullable` from RESTEasy Reactive code - [#​39006](https://github.com/quarkusio/quarkus/pull/39006) - Bump Keycloak version to 23.0.7 - [#​39020](https://github.com/quarkusio/quarkus/pull/39020) - Make VertxHttpExporter more robust - [#​39022](https://github.com/quarkusio/quarkus/issues/39022) - `JAVA_APP_DIR` should be set for container images - [#​39024](https://github.com/quarkusio/quarkus/pull/39024) - Set JAVA_APP_DIR env var when necessary - [#​39028](https://github.com/quarkusio/quarkus/pull/39028) - Make Sub Resources unremovable beans - [#​39029](https://github.com/quarkusio/quarkus/pull/39029) - Update to Brotli 1.14.0 - [#​39031](https://github.com/quarkusio/quarkus/pull/39031) - Add commons-codec to Dev Services dependencies ### [`v3.8.0`](https://github.com/quarkusio/quarkus/releases/tag/3.8.0) [Compare Source](https://github.com/quarkusio/quarkus/compare/3.7.4...3.8.0) ##### Complete changelog - [#​35686](https://github.com/quarkusio/quarkus/issues/35686) - Sporadic "Failed to export spans. The request could not be executed. Full error message: Stream was closed" ### [`v3.7.4`](https://github.com/quarkusio/quarkus/releases/tag/3.7.4) [Compare Source](https://github.com/quarkusio/quarkus/compare/3.7.3...3.7.4) ##### Complete changelog - [#​37608](https://github.com/quarkusio/quarkus/issues/37608) - gRPC starter app is using legacy approach, single HTTP server should be used instead - [#​38236](https://github.com/quarkusio/quarkus/issues/38236) - Adding a decorator causes bytecode error - [#​38504](https://github.com/quarkusio/quarkus/issues/38504) - NPE on oidc-client when quarkus.oidc-client.grant-options.password.password not provided - [#​38533](https://github.com/quarkusio/quarkus/issues/38533) - 'Unable to find a JDBC driver' for Hibernate Reactive after updating to 3.7.1 - [#​38683](https://github.com/quarkusio/quarkus/issues/38683) - Build time performance regression and bigger native binaries when migrating from 3.5 to 3.6 or 3.7 - [#​38688](https://github.com/quarkusio/quarkus/pull/38688) - Making sure deployment modules excluded in POM files aren't pulled in by the Gradle plugin - [#​38721](https://github.com/quarkusio/quarkus/issues/38721) - Java 21: `@VirtualThreadUnit` produces very slow tests - [#​38763](https://github.com/quarkusio/quarkus/issues/38763) - Enable an injection of the OIDC code flow access token verificaton material - [#​38767](https://github.com/quarkusio/quarkus/pull/38767) - Fail early if OIDC client password grant is misconfigured - [#​38771](https://github.com/quarkusio/quarkus/pull/38771) - Adds an implementation note about `@VirtualThreadUnit` limitations - [#​38775](https://github.com/quarkusio/quarkus/pull/38775) - Use the right MongoDB ClientSession interface - [#​38776](https://github.com/quarkusio/quarkus/issues/38776) - OidcRequestFilter with OidcEndpoint applied to all endpoints - [#​38777](https://github.com/quarkusio/quarkus/issues/38777) - OIDC Code flow access token verification goes ahead even if the ID token verification has failed - [#​38779](https://github.com/quarkusio/quarkus/pull/38779) - Fix OidcEndpoint annotation processing - [#​38784](https://github.com/quarkusio/quarkus/pull/38784) - Fix guide URL in RESTEasy Client extension - [#​38785](https://github.com/quarkusio/quarkus/pull/38785) - ArC: fix interception when some methods return void - [#​38798](https://github.com/quarkusio/quarkus/issues/38798) - Using custom header in REST client together with `@NotBody` annotated argument results in warning from EndpointIndexer - [#​38800](https://github.com/quarkusio/quarkus/pull/38800) - Don't warn about `@NotBody` use in `@GET` methods in REST Client - [#​38802](https://github.com/quarkusio/quarkus/issues/38802) - Multipart form data is interpreted as a file although it's not a file - [#​38803](https://github.com/quarkusio/quarkus/issues/38803) - OIDC server is erroneously shown as not available - [#​38810](https://github.com/quarkusio/quarkus/pull/38810) - Expand types which are considered text in multipart handling - [#​38815](https://github.com/quarkusio/quarkus/issues/38815) - Support security identity propagation in VT - [#​38816](https://github.com/quarkusio/quarkus/pull/38816) - Propagate Vert.x context on all ExecutorService methods for VirtualThreadExecutor - [#​38817](https://github.com/quarkusio/quarkus/issues/38817) - Mocking Singleton does not work even when using `@MockitoConfig`(convertScopes = true) - Bean produced from factory method - [#​38818](https://github.com/quarkusio/quarkus/pull/38818) - Allow `RunAndCheckMojoTestBase` subclasses to override how much memory extension tests are allowed - [#​38819](https://github.com/quarkusio/quarkus/pull/38819) - Add response text to the OIDC bootstrap log errors - [#​38821](https://github.com/quarkusio/quarkus/pull/38821) - Configure SISU bean filtering for the bootstrap Maven resolver - [#​38824](https://github.com/quarkusio/quarkus/issues/38824) - Memory leak when using FT Fallback with dependent beans - [#​38833](https://github.com/quarkusio/quarkus/issues/38833) - Keycloak Admin Client Reactive error id: [`9009f9b`](https://github.com/quarkusio/quarkus/commit/9009f9b4)-1d58-4011-9ff2-49b87bb59ddd-1: java.lang.NullPointerException: Cannot invoke "String.startsWith(String)" because "authHeader" is null - [#​38836](https://github.com/quarkusio/quarkus/pull/38836) - Fix Keycloak Admin Client Reactive Jackson reader provider priority so that the client can work when the JSONB REST client extension is present - [#​38837](https://github.com/quarkusio/quarkus/issues/38837) - Quarkus create new project fails when -DnoCode is used and artifactId is not set properly - [#​38843](https://github.com/quarkusio/quarkus/pull/38843) - Check the code flow access token after ID token - [#​38844](https://github.com/quarkusio/quarkus/pull/38844) - Fix copy/paste typo - [#​38849](https://github.com/quarkusio/quarkus/pull/38849) - Ensure that generated project GAV is always set - [#​38851](https://github.com/quarkusio/quarkus/issues/38851) - Kafka integration tests fail with latest Mandrel/GraalVM 24.1-dev builds - [#​38853](https://github.com/quarkusio/quarkus/pull/38853) - \[3.7] Perform security checks on inherited endpoints before payload deserialization in the RESTEasy Reactive - [#​38855](https://github.com/quarkusio/quarkus/pull/38855) - Make registration of OAuthBearerValidatorCallbackHandler conditional - [#​38858](https://github.com/quarkusio/quarkus/pull/38858) - Testing: fix `@MockitoConfig`(convertScopes=true) with auto-producers - [#​38859](https://github.com/quarkusio/quarkus/pull/38859) - Fix warning when launching dev mode specifying quarkus-maven-plugin GAV on the command line - [#​38865](https://github.com/quarkusio/quarkus/pull/38865) - Update commons-compress version to mitigate CVE-2024-25710 - [#​38866](https://github.com/quarkusio/quarkus/issues/38866) - Sporadic error in custom readiness check using `keycloak-admin-client`: `IllegalStateException: Client is closed` - [#​38868](https://github.com/quarkusio/quarkus/pull/38868) - Add config flag to disable jacoco - [#​38882](https://github.com/quarkusio/quarkus/pull/38882) - Quartz - prevent memory leak when Job instance is a `@Dependent` bean - [#​38886](https://github.com/quarkusio/quarkus/pull/38886) - Ignore `ValidationSchema` that results in registering all models - [#​38888](https://github.com/quarkusio/quarkus/pull/38888) - SmallRye Health: terminate request context properly - [#​38889](https://github.com/quarkusio/quarkus/issues/38889) - Kafka reactive messaging extension incompatible with Micrometer Prometheus extension for Quarkus 3.7.\* - [#​38890](https://github.com/quarkusio/quarkus/pull/38890) - Log resolved OIDC tenant id and how the bearer token is found - [#​38894](https://github.com/quarkusio/quarkus/pull/38894) - Disable messaging observation by default for backwards compatibility - [#​38897](https://github.com/quarkusio/quarkus/pull/38897) - Attempt to fix flaky DependentBeanJobTest ### [`v3.7.3`](https://github.com/quarkusio/quarkus/releases/tag/3.7.3) [Compare Source](https://github.com/quarkusio/quarkus/compare/3.7.2...3.7.3) ##### Complete changelog - [#​36341](https://github.com/quarkusio/quarkus/issues/36341) - The API method KafkaStreams#cleanUp() is not applicable when use `@Produces` to build the topology - [#​37091](https://github.com/quarkusio/quarkus/pull/37091) - Fix VertxGrpcExporter reponse status handling - [#​37911](https://github.com/quarkusio/quarkus/pull/37911) - Store since JavaDoc tag in the configuration metadata, so that Quarkiverse projects can render it in their documentation if they like - [#​38055](https://github.com/quarkusio/quarkus/issues/38055) - Make annotation app.quarkus.io/vcs-uri optional in Kubernetes extension - [#​38079](https://github.com/quarkusio/quarkus/pull/38079) - Make OidcTestSecurityIdentityAugmentor faster by making privateKey's generation final and static - [#​38196](https://github.com/quarkusio/quarkus/pull/38196) - Use Vert.x pool with Jackson - [#​38477](https://github.com/quarkusio/quarkus/pull/38477) - Add disabled workflow to deploy snapshots in Quarkiverse extensions - [#​38489](https://github.com/quarkusio/quarkus/issues/38489) - OIDC authentication.extra-params not added to dev-services auth request - [#​38602](https://github.com/quarkusio/quarkus/issues/38602) - QuarkusComponentTest: `@TestConfigProperties` not applicable to method (override multiple config properties) - [#​38607](https://github.com/quarkusio/quarkus/pull/38607) - Gradle: fix IllegalStateException when resolving project deps - [#​38613](https://github.com/quarkusio/quarkus/issues/38613) - RabbitMQ Health Checks cannot be disabled from 3.7+ - [#​38615](https://github.com/quarkusio/quarkus/pull/38615) - Updates to Infinispan 14.0.24.Final - [#​38619](https://github.com/quarkusio/quarkus/pull/38619) - Pass extra authentication params in the OIDC DevUI code flow redirect URL - [#​38626](https://github.com/quarkusio/quarkus/pull/38626) - Bump org.junit.jupiter:junit-jupiter from 5.10.1 to 5.10.2 - [#​38650](https://github.com/quarkusio/quarkus/issues/38650) - UI doesn't work correct with umlauts - [#​38653](https://github.com/quarkusio/quarkus/pull/38653) - Enforce Dev UI charset to UTF-8 - [#​38655](https://github.com/quarkusio/quarkus/pull/38655) - Allow for multiple TestConfigProperty annotations on methods - [#​38656](https://github.com/quarkusio/quarkus/pull/38656) - Upgrade the Mutiny Vert.x bindings to 3.9.0 - [#​38658](https://github.com/quarkusio/quarkus/issues/38658) - Configure a REST Client ClientLogger vía CDI - [#​38662](https://github.com/quarkusio/quarkus/pull/38662) - Bump io.smallrye.config:smallrye-config-source-yaml from 3.5.2 to 3.5.4 in /devtools/gradle - [#​38663](https://github.com/quarkusio/quarkus/issues/38663) - ContainerRequestContext.getUriInfo().getMatchedURIs() IndexOutOfBoundsException - [#​38664](https://github.com/quarkusio/quarkus/pull/38664) - Bump Smallrye RM from 4.16.0 to 4.16.1 - [#​38670](https://github.com/quarkusio/quarkus/pull/38670) - Make ClientLogger beans unremovable - [#​38671](https://github.com/quarkusio/quarkus/pull/38671) - Redis Client: improve documentation for sentinel and cluster - [#​38672](https://github.com/quarkusio/quarkus/pull/38672) - Remove WATCH Command in absence of Optimistic Locking - [#​38673](https://github.com/quarkusio/quarkus/pull/38673) - Fix OidcRequestFiler typo in security docs - [#​38674](https://github.com/quarkusio/quarkus/pull/38674) - Improve flaky test - [#​38675](https://github.com/quarkusio/quarkus/pull/38675) - Correct example generated yaml in extension metadata docs - [#​38676](https://github.com/quarkusio/quarkus/issues/38676) - OpenAPI does not fill roles in SecurityScheme in schema - [#​38680](https://github.com/quarkusio/quarkus/pull/38680) - Log how Keycloak devservice maps resources - [#​38681](https://github.com/quarkusio/quarkus/pull/38681) - Upgrade to Hibernate ORM 6.4.4.Final / bytebuddy 1.14.11 - [#​38686](https://github.com/quarkusio/quarkus/pull/38686) - Make GraphQL Metrics End when Exceptional - [#​38692](https://github.com/quarkusio/quarkus/pull/38692) - Bump com.gradle:gradle-enterprise-maven-extension from 1.20 to 1.20.1 - [#​38693](https://github.com/quarkusio/quarkus/pull/38693) - Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 - [#​38694](https://github.com/quarkusio/quarkus/pull/38694) - OpenAPI: remove check that avoids running auto-security at build - [#​38703](https://github.com/quarkusio/quarkus/issues/38703) - RESTEasy Reactive Multipart struggles with non-file binary uploads - [#​38705](https://github.com/quarkusio/quarkus/pull/38705) - Kafka Streams fire event after created and before scheduling the start - [#​38706](https://github.com/quarkusio/quarkus/issues/38706) - Elasticsearch container reuse creates a new container on each run - [#​38709](https://github.com/quarkusio/quarkus/pull/38709) - Don't provide empty paths when using a root prefix - [#​38710](https://github.com/quarkusio/quarkus/pull/38710) - Avoid Vert.x GraphQL deprecation warning - [#​38712](https://github.com/quarkusio/quarkus/pull/38712) - Bump Smallrye RM from 4.16.1 to 4.16.2 - [#​38713](https://github.com/quarkusio/quarkus/pull/38713) - Only configure shared network for Elasticsearch/OpenSearch containers where necessary - [#​38714](https://github.com/quarkusio/quarkus/pull/38714) - Don't assume that multipart part without filename is always text - [#​38728](https://github.com/quarkusio/quarkus/pull/38728) - Encode Kafka messages with UTF8 - [#​38730](https://github.com/quarkusio/quarkus/issues/38730) - Accept-Header in hibernate validator's ResteasyReactiveLocaleResolver is resolved case-sensitive - [#​38732](https://github.com/quarkusio/quarkus/issues/38732) - Quarkus should still allow to create project with Java 11 (for older streams and other platforms) - [#​38733](https://github.com/quarkusio/quarkus/pull/38733) - Allow Java 11 as LTS for older streams and other platforms - [#​38738](https://github.com/quarkusio/quarkus/pull/38738) - Make accept header check in validation case insensitive - [#​38748](https://github.com/quarkusio/quarkus/pull/38748) - Sanitize app.dekorate.io/vcs-url kubernetes annotation - [#​38755](https://github.com/quarkusio/quarkus/pull/38755) - Log when a RestEasy Reactive client close method is called - [#​38756](https://github.com/quarkusio/quarkus/pull/38756) - Bump Keycloak version to 23.0.6 - [#​38760](https://github.com/quarkusio/quarkus/pull/38760) - Set COMPILE_ONLY flag on relevant dependencies that appear on DEPLOYMENT_CP and RUNTIME_CP ### [`v3.7.2`](https://github.com/quarkusio/quarkus/releases/tag/3.7.2) [Compare Source](https://github.com/quarkusio/quarkus/compare/3.7.1...3.7.2) ##### Complete changelog - [#​37807](https://github.com/quarkusio/quarkus/issues/37807) - SSL requests hang when returning a CompletableFuture - [#​38101](https://github.com/quarkusio/quarkus/issues/38101) - smallrye-openapi property `oidc-open-id-connect-url` might not be fixed at build time - [#​38231](https://github.com/quarkusio/quarkus/pull/38231) - OpenAPI: Always run OpenIDConnectSecurityFilter at runtime - [#​38310](https://github.com/quarkusio/quarkus/pull/38310) - Add note about the two quarkus-extension files - [#​38394](https://github.com/quarkusio/quarkus/issues/38394) - quarkus-cache: "keyGenerator" destroyed, even if it is annotated with "Singleton" - [#​38397](https://github.com/quarkusio/quarkus/pull/38397) - Use actions/setup-java GPG key feature - [#​38411](https://github.com/quarkusio/quarkus/pull/38411) - Cache: only dependent CacheKeyGenerator beans are destroyed after use - [#​38422](https://github.com/quarkusio/quarkus/issues/38422) - nested configurations in extension: sub-property is seen as nested entity. - [#​38431](https://github.com/quarkusio/quarkus/issues/38431) - `quarkus.oidc-token-propagation-reactive.enabled-during-authentication` does not work correctly in the code flow - [#​38442](https://github.com/quarkusio/quarkus/pull/38442) - Make sure the code flow access token is propagated during the authentication - [#​38444](https://github.com/quarkusio/quarkus/pull/38444) - Fix request hanging condition - [#​38451](https://github.com/quarkusio/quarkus/issues/38451) - Remove workaround for HHH-17683 in Panache - [#​38479](https://github.com/quarkusio/quarkus/issues/38479) - Stricter and false positive env variables validation after upgrade to 3.7.0 - [#​38483](https://github.com/quarkusio/quarkus/pull/38483) - Add a tool to check cross references - [#​38488](https://github.com/quarkusio/quarkus/pull/38488) - Update to Vert.x 4.5.2 - [#​38495](https://github.com/quarkusio/quarkus/pull/38495) - Add org.graalvm.regex:regex to runnerParentFirstArtifacts - [#​38499](https://github.com/quarkusio/quarkus/issues/38499) - Alpn property not work in rest client reactive - [#​38500](https://github.com/quarkusio/quarkus/pull/38500) - Make quarkus.rest-client.alpn work in programmatically created client - [#​38506](https://github.com/quarkusio/quarkus/issues/38506) - lombok warning when building with 3.7.1 - [#​38514](https://github.com/quarkusio/quarkus/issues/38514) - Alpn property not work for single rest client reactive - [#​38516](https://github.com/quarkusio/quarkus/pull/38516) - Add missing alpn config key handling from named config - [#​38521](https://github.com/quarkusio/quarkus/issues/38521) - Panache sorting no longer works for embedded fields in Quarkus 3.7.1 - [#​38525](https://github.com/quarkusio/quarkus/pull/38525) - Fix typo in RedisClientConfig JavaDoc - [#​38527](https://github.com/quarkusio/quarkus/pull/38527) - Revert "Escape column names with backticks in order by clause of hql query" - [#​38543](https://github.com/quarkusio/quarkus/issues/38543) - LinksProcessor ID field error for native class HalCollectionWrapper - [#​38545](https://github.com/quarkusio/quarkus/issues/38545) - Enhance Adding extension section in cli-tooling documentation page - [#​38546](https://github.com/quarkusio/quarkus/pull/38546) - Add globbing pattern to cli-tooling.adoc - [#​38548](https://github.com/quarkusio/quarkus/pull/38548…
Thanks to all about SCRAM! Version: PgJDBC 42.7.4 (2024-08-22) Linked to: |
This PR contains the following updates: | Package | Type | Package file | Manager | Update | Change | |---|---|---|---|---|---| | [org.threeten:threetenbp](https://www.threeten.org/threetenbp) ([source](https://github.com/ThreeTen/threetenbp)) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.6.9` -> `1.7.0` | | [app.cash.tempest:tempest-bom](https://github.com/cashapp/tempest) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2024.08.07.002316-64f40ef` -> `2024.09.04.165019-8430cf3` | | [org.postgresql:postgresql](https://jdbc.postgresql.org) ([source](https://github.com/pgjdbc/pgjdbc)) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `42.3.9` -> `42.7.4` | | [com.squareup.okio:okio](https://github.com/square/okio) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `3.9.0` -> `3.9.1` | | [org.mockito:mockito-core](https://github.com/mockito/mockito) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `5.13.0` -> `5.14.1` | | [ch.qos.logback:logback-core](http://logback.qos.ch) ([source](https://github.com/qos-ch/logback), [changelog](https://logback.qos.ch/news.html)) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.4.14` -> `1.5.6` | | [ch.qos.logback:logback-classic](http://logback.qos.ch) ([source](https://github.com/qos-ch/logback), [changelog](https://logback.qos.ch/news.html)) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.4.14` -> `1.5.6` | | [org.jetbrains.kotlinx:kotlinx-coroutines-core](https://github.com/Kotlin/kotlinx.coroutines) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.8.1` -> `1.9.0` | | [org.jooq:jooq](http://www.jooq.org) ([source](https://github.com/jOOQ/jOOQ)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `3.18.2` -> `3.18.20` | | [redis.clients:jedis](https://github.com/redis/jedis) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `5.1.5` -> `5.2.0` | | [com.google.guava:guava-bom](https://github.com/google/guava) ([source](http://svn.sonatype.org/spice/trunk/oss/oss-parent-9)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `33.3.0-jre` -> `33.3.1-jre` | | [io.grpc:grpc-stub](https://github.com/grpc/grpc-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.60.0` -> `1.68.0` | | [io.grpc:grpc-protobuf](https://github.com/grpc/grpc-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.60.0` -> `1.68.0` | | [io.grpc:grpc-netty](https://github.com/grpc/grpc-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.60.0` -> `1.68.0` | | [io.grpc:protoc-gen-grpc-java](https://github.com/grpc/grpc-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.60.0` -> `1.68.0` | | [io.grpc:grpc-bom](https://github.com/grpc/grpc-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.60.0` -> `1.68.0` | | [io.grpc:grpc-api](https://github.com/grpc/grpc-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.60.0` -> `1.68.0` | | [com.google.api.grpc:proto-google-common-protos](https://github.com/googleapis/sdk-platform-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.43.0` -> `2.45.1` | | [com.google.apis:google-api-services-storage](http://nexus.sonatype.org/oss-repository-hosting.html) ([source](http://svn.sonatype.org/spice/tags/oss-parent-7)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `v1-rev20240916-2.0.0` -> `v1-rev20240924-2.0.0` | | [com.google.cloud:google-cloud-spanner](https://github.com/googleapis/java-spanner) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `6.75.0` -> `6.76.0` | | [com.google.api:gax](https://github.com/googleapis/sdk-platform-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.52.0` -> `2.54.1` | | [com.google.errorprone:error_prone_annotations](https://errorprone.info) ([source](https://github.com/google/error-prone)) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.31.0` -> `2.32.0` | | [com.netflix.concurrency-limits:concurrency-limits-core](https://github.com/Netflix/concurrency-limits) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `0.5.1` -> `0.5.2` | | [org.apache.commons:commons-lang3](https://commons.apache.org/proper/commons-lang/) ([source](https://gitbox.apache.org/repos/asf?p=commons-lang.git)) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `3.16.0` -> `3.17.0` | | [commons-io:commons-io](https://commons.apache.org/proper/commons-io/) ([source](https://gitbox.apache.org/repos/asf?p=commons-io.git)) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.16.1` -> `2.17.0` | | [app.cash.sqldelight:runtime](https://github.com/cashapp/sqldelight) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.0.0` -> `2.0.2` | | [app.cash.sqldelight:mysql-dialect](https://github.com/cashapp/sqldelight) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.0.0` -> `2.0.2` | | [app.cash.sqldelight:jdbc-driver](https://github.com/cashapp/sqldelight) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.0.0` -> `2.0.2` | | [app.cash.sqldelight:gradle-plugin](https://github.com/cashapp/sqldelight) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.0.0` -> `2.0.2` | | [com.google.protobuf:protoc](https://developers.google.com/protocol-buffers/) ([source](https://github.com/protocolbuffers/protobuf)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `3.25.4` -> `3.25.5` | | [com.google.protobuf:protobuf-java](https://developers.google.com/protocol-buffers/) ([source](https://github.com/protocolbuffers/protobuf)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `3.25.4` -> `3.25.5` | | [com.squareup.okhttp3:mockwebserver](https://square.github.io/okhttp/) ([source](https://github.com/square/okhttp)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `5.0.0-alpha.13` -> `5.0.0-alpha.14` | | [com.squareup.okhttp3:okhttp](https://square.github.io/okhttp/) ([source](https://github.com/square/okhttp)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `5.0.0-alpha.13` -> `5.0.0-alpha.14` | | [io.netty:netty-handler](https://netty.io/) ([source](https://github.com/netty/netty)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `4.1.112.Final` -> `4.1.113.Final` | | [io.netty:netty-bom](https://netty.io/) ([source](https://github.com/netty/netty)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `4.1.112.Final` -> `4.1.113.Final` | | [io.micrometer:micrometer-registry-prometheus](https://github.com/micrometer-metrics/micrometer) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.9` -> `1.12.10` | | [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.9` -> `1.12.10` | | [com.vanniktech.maven.publish.base](https://github.com/vanniktech/gradle-maven-publish-plugin) | plugin | misk/gradle/libs.versions.toml | gradle | minor | `0.27.0` -> `0.28.0` | | [com.vanniktech:gradle-maven-publish-plugin](https://github.com/vanniktech/gradle-maven-publish-plugin) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `0.27.0` -> `0.28.0` | | [org.junit.jupiter:junit-jupiter-params](https://junit.org/junit5/) ([source](https://github.com/junit-team/junit5)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `5.11.0` -> `5.11.1` | | [org.junit.jupiter:junit-jupiter-engine](https://junit.org/junit5/) ([source](https://github.com/junit-team/junit5)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `5.11.0` -> `5.11.1` | | [org.junit.jupiter:junit-jupiter-api](https://junit.org/junit5/) ([source](https://github.com/junit-team/junit5)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `5.11.0` -> `5.11.1` | | [com.fasterxml.jackson.module:jackson-module-kotlin](https://github.com/FasterXML/jackson-module-kotlin) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.17.2` -> `2.18.0` | | [com.fasterxml.jackson.datatype:jackson-datatype-jsr310](https://github.com/FasterXML/jackson-modules-java8) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.17.2` -> `2.18.0` | | [com.fasterxml.jackson.dataformat:jackson-dataformat-yaml](https://github.com/FasterXML/jackson-dataformats-text) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.17.2` -> `2.18.0` | | [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) ([source](https://github.com/FasterXML/jackson-databind)) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.17.2` -> `2.18.0` | | [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.17.2` -> `2.18.0` | | [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.17.2` -> `2.18.0` | | [com.fasterxml.jackson.core:jackson-annotations](https://github.com/FasterXML/jackson) ([source](https://github.com/FasterXML/jackson-annotations)) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.17.2` -> `2.18.0` | | [com.google.auth:google-auth-library-oauth2-http](https://github.com/googleapis/google-auth-library-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.24.1` -> `1.27.0` | | [com.google.auth:google-auth-library-credentials](https://github.com/googleapis/google-auth-library-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.24.1` -> `1.27.0` | | [io.gitlab.arturbosch.detekt:detekt-test-utils](https://detekt.dev) ([source](https://github.com/detekt/detekt)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.23.6` -> `1.23.7` | | [io.gitlab.arturbosch.detekt:detekt-test](https://detekt.dev) ([source](https://github.com/detekt/detekt)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.23.6` -> `1.23.7` | | [io.gitlab.arturbosch.detekt:detekt-psi-utils](https://detekt.dev) ([source](https://github.com/detekt/detekt)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.23.6` -> `1.23.7` | | [io.gitlab.arturbosch.detekt:detekt-parser](https://detekt.dev) ([source](https://github.com/detekt/detekt)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.23.6` -> `1.23.7` | | [io.gitlab.arturbosch.detekt:detekt-gradle-plugin](https://detekt.dev) ([source](https://github.com/detekt/detekt)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.23.6` -> `1.23.7` | | [io.gitlab.arturbosch.detekt:detekt-api](https://detekt.dev) ([source](https://github.com/detekt/detekt)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.23.6` -> `1.23.7` | | [com.datadoghq:dd-trace-api](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.38.1` -> `1.39.1` | | [com.datadoghq:dd-trace-ot](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.38.1` -> `1.39.1` | | [software.amazon.awssdk:sdk-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.27.14` -> `2.28.11` | | [software.amazon.awssdk:dynamodb-enhanced](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.27.14` -> `2.28.11` | | [software.amazon.awssdk:dynamodb](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.27.14` -> `2.28.11` | | [software.amazon.awssdk:aws-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.27.14` -> `2.28.11` | | [software.amazon.awssdk:bom](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.27.14` -> `2.28.11` | | [software.amazon.awssdk:auth](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.27.14` -> `2.28.11` | | [com.amazonaws:aws-java-sdk-sqs](https://aws.amazon.com/sdkforjava) ([source](https://github.com/aws/aws-sdk-java)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.770` -> `1.12.772` | | [com.amazonaws:aws-java-sdk-s3](https://aws.amazon.com/sdkforjava) ([source](https://github.com/aws/aws-sdk-java)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.770` -> `1.12.772` | | [com.amazonaws:aws-java-sdk-dynamodb](https://aws.amazon.com/sdkforjava) ([source](https://github.com/aws/aws-sdk-java)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.770` -> `1.12.772` | | [com.amazonaws:aws-java-sdk-core](https://aws.amazon.com/sdkforjava) ([source](https://github.com/aws/aws-sdk-java)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.770` -> `1.12.772` | --- > ⚠️ **Warning** > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>ThreeTen/threetenbp (org.threeten:threetenbp)</summary> ### [`v1.7.0`](https://github.com/ThreeTen/threetenbp/releases/tag/v1.7.0) See the [change notes](https://www.threeten.org/threetenbp/changes-report.html) for more information. </details> <details> <summary>pgjdbc/pgjdbc (org.postgresql:postgresql)</summary> ### [`v42.7.4`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4274-2024-08-22-080000--0400) ##### Added - chore: SCRAM dependency to 3.1 and support channel binding [PR #​3188](https://github.com/pgjdbc/pgjdbc/pull/3188) - chore: Add PostgreSQL 15, 16, and 17beta1 to CI tests [PR #​3299](https://github.com/pgjdbc/pgjdbc/pull/3299) - test: Update to 17beta3 [PR #​3308](https://github.com/pgjdbc/pgjdbc/pull/3308) - chore: Implement direct SSL ALPN connections [PR #​3252](https://github.com/pgjdbc/pgjdbc/pull/3252) - translation: Add Korean translation file [PR #​3276](https://github.com/pgjdbc/pgjdbc/pull/3276) ##### Fixed - fix: PgInterval ignores case for represented interval string [PR #​3344](https://github.com/pgjdbc/pgjdbc/pull/3344) - perf: Avoid extra copies when receiving int4 and int2 in PGStream [PR #​3295](https://github.com/pgjdbc/pgjdbc/pull/3295) - fix: Add support for Infinity::numeric values in ResultSet.getObject [PR #​3304](https://github.com/pgjdbc/pgjdbc/pull/3304) - fix: Ensure order of results for getDouble [PR #​3301](https://github.com/pgjdbc/pgjdbc/pull/3301) - perf: Replace BufferedOutputStream with unsynchronized PgBufferedOutputStream, allow configuring different Java and SO_SNDBUF buffer sizes [PR #​3248](https://github.com/pgjdbc/pgjdbc/pull/3248) - fix: Fix SSL tests [PR #​3260](https://github.com/pgjdbc/pgjdbc/pull/3260) - fix: Support bytea in preferQueryMode=simple [PR #​3243](https://github.com/pgjdbc/pgjdbc/pull/3243) - fix: Fix [#​3234](https://github.com/pgjdbc/pgjdbc/issues/3234) - Return -1 as update count for stored procedure calls [PR #​3235](https://github.com/pgjdbc/pgjdbc/pull/3235) - fix: Fix [#​3224](https://github.com/pgjdbc/pgjdbc/issues/3224) - conversion for TIME '24:00' to LocalTime breaks in binary-mode [PR #​3225](https://github.com/pgjdbc/pgjdbc/pull/3225) - perf: Speed up getDate by parsing bytes instead of String [PR #​3141](https://github.com/pgjdbc/pgjdbc/pull/3141) - fix: support PreparedStatement.setBlob(1, Blob) and PreparedStatement.setClob(1, Clob) for lobs that return -1 for length [PR #​3136](https://github.com/pgjdbc/pgjdbc/pull/3136) - fix: Validates resultset Params in PGStatement constructor. uses assertThro… [PR #​3171](https://github.com/pgjdbc/pgjdbc/pull/3171) - fix: Validates resultset parameters [PR #​3167](https://github.com/pgjdbc/pgjdbc/pull/3167) - docs: Replace greater to with greater than [PR #​3315](https://github.com/pgjdbc/pgjdbc/pull/3315) - docs: Clarify binaryTransfer and prepareThreshold [PR #​3338](https://github.com/pgjdbc/pgjdbc/pull/3338) - docs: use.md, typo [PR #​3314](https://github.com/pgjdbc/pgjdbc/pull/3314) - test: Use docker v2 which changes docker-compose to docker compose [#​3339](https://github.com/pgjdbc/pgjdbc/pull/3339) - refactor: Merge PgPreparedStatement#setBinaryStream int and long methods [PR #​3165](https://github.com/pgjdbc/pgjdbc/pull/3165) - test: Test both binaryMode=true,false when creating connections in DatabaseMetaDataTest [PR #​3231](https://github.com/pgjdbc/pgjdbc/pull/3231) - docs: Fixed typos in all source code and documentations [PR #​3242](https://github.com/pgjdbc/pgjdbc/pull/3242) - chore: Remove self-hosted runner [PR #​3227](https://github.com/pgjdbc/pgjdbc/pull/3227) - docs: Add cancelSignalTimeout in README [PR #​3190](https://github.com/pgjdbc/pgjdbc/pull/3190) - docs: Document READ_ONLY_MODE in README [PR #​3175](https://github.com/pgjdbc/pgjdbc/pull/3175) - test: Test for +/- infinity double values [PR #​3294](https://github.com/pgjdbc/pgjdbc/pull/3294) - test: Switch localhost and auth-test around for test-gss [PR #​3343](https://github.com/pgjdbc/pgjdbc/pull/3343) - fix: remove preDescribe from internalExecuteBatch [PR #​2883](https://github.com/pgjdbc/pgjdbc/pull/2883) ##### Deprecated - test: Deprecate all PostgreSQL versions older than 9.1 [PR #​3335](https://github.com/pgjdbc/pgjdbc/pull/3335) ### [`v42.7.3`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4273-2024-04-14-145100--0400) ##### Changed - chore: gradle config enforces 17+ [PR #​3147](https://github.com/pgjdbc/pgjdbc/pull/3147) ##### Fixed - fix: boolean types not handled in SimpleQuery mode [PR #​3146](https://github.com/pgjdbc/pgjdbc/pull/3146) - make sure we handle boolean types in simple query mode - support uuid as well - handle all well known types in text mode and change `else if` to `switch` - fix: released new versions of 42.2.29, 42.3.10, 42.4.5, 42.5.6, 42.6.2 to deal with `NoSuchMethodError on ByteBuffer#position` when running on Java 8 ### [`v42.7.2`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4272-2024-02-21-082300--0500) ##### Security - security: SQL Injection via line comment generation, it is possible in `SimpleQuery` mode to generate a line comment by having a placeholder for a numeric with a `-` such as `-?`. There must be second placeholder for a string immediately after. Setting the parameter to a -ve value creates a line comment. This has been fixed in this version fixes [CVE-2024-1597](https://www.cve.org/CVERecord?id=CVE-2024-1597). Reported by [Paul Gerste](https://github.com/paul-gerste-sonarsource). See the [security advisory](https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56) for more details. This has been fixed in versions 42.7.2, 42.6.1 42.5.5, 42.4.4, 42.3.9, 42.2.28.jre7. See the security advisory for work arounds. ##### Changed - fix: Use simple query for isValid. Using Extended query sends two messages checkConnectionQuery was never ever set or used, removed [PR #​3101](https://github.com/pgjdbc/pgjdbc/pull/3101) - perf: Avoid autoboxing bind indexes by [@​bokken](https://github.com/bokken) in [PR #​1244](https://github.com/pgjdbc/pgjdbc/pull/1244) - refactor: Document that encodePassword will zero out the password array, and remove driver's default encodePassword by [@​vlsi](https://github.com/vlsi) in [PR #​3084](https://github.com/pgjdbc/pgjdbc/pull/3084) ##### Added - feat: Add PasswordUtil for encrypting passwords client side [PR #​3082](https://github.com/pgjdbc/pgjdbc/pull/3082) ### [`v42.7.1`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4271-2023-12-06-083400--0500) ##### Changed - perf: improve performance of PreparedStatement.setBlob, BlobInputStream, and BlobOutputStream with dynamic buffer sizing [PR #​3044](https://github.com/pgjdbc/pgjdbc/pull/3044) ##### Fixed - fix: Apply connectTimeout before SSLSocket.startHandshake to avoid infinite wait in case the connection is broken [PR #​3040](https://github.com/pgjdbc/pgjdbc/pull/3040) - fix: support waffle-jna 2.x and 3.x by using reflective approach for ManagedSecBufferDesc [PR #​2720](https://github.com/pgjdbc/pgjdbc/pull/2720) Fixes [Issue #​2690](https://github.com/pgjdbc/pgjdbc/issues/2720). - fix: NoSuchMethodError on ByteBuffer#position When Running on Java 8 when accessing arrays, fixes [Issue #​3014](https://github.com/pgjdbc/pgjdbc/issues/3014) - Revert "[PR #​2925](https://github.com/pgjdbc/pgjdbc/pull/2925) Use canonical DateStyle name" [PR #​3035](https://github.com/pgjdbc/pgjdbc/pull/3035) Fixes [Issue #​3008](https://github.com/pgjdbc/pgjdbc/issues/3008) - Revert "[PR ##​2973](https://github.com/pgjdbc/pgjdbc/pull/2973) feat: support SET statements combining with other queries with semicolon in PreparedStatement" [PR #​3010](https://github.com/pgjdbc/pgjdbc/pull/3010) Fixes [Issue #​3007](https://github.com/pgjdbc/pgjdbc/issues/3007) - fix: avoid timezone conversions when sending LocalDateTime to the database [#​2852](https://github.com/pgjdbc/pgjdbc/pull/3010) Fixes [Issue #​1390](https://github.com/pgjdbc/pgjdbc/issues/1390) ,[Issue #​2850](https://github.com/pgjdbc/pgjdbc/issues/2850) Closes \[Issue [#​1391](https://github.com/pgjdbc/pgjdbc/issues/1391)(https://github.com/pgjdbc/pgjdbc/issues/1391) ### [`v42.7.0`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4270-2023-11-20-093300--0500) ##### Changed - fix: Deprecate for removal PGPoint.setLocation(java.awt.Point) to cut dependency to `java.desktop` module. [PR #​2967](https://github.com/pgjdbc/pgjdbc/pull/2967) - feat: return all catalogs for getCatalogs metadata query closes [ISSUE #​2949](https://github.com/pgjdbc/pgjdbc/issues/2949) [PR #​2953](https://github.com/pgjdbc/pgjdbc/pull/2953) - feat: support SET statements combining with other queries with semicolon in PreparedStatement [PR ##​2973](https://github.com/pgjdbc/pgjdbc/pull/2973) ##### Fixed - chore: add styleCheck Gradle task to report style violations [PR #​2980](https://github.com/pgjdbc/pgjdbc/pull/2980) - fix: Include currentXid in "Error rolling back prepared transaction" exception message [PR #​2978](https://github.com/pgjdbc/pgjdbc/pull/2978) - fix: add varbit as a basic type inside the TypeInfoCache [PR #​2960](https://github.com/pgjdbc/pgjdbc/pull/2960) - fix: Fix failing tests for version 16. [PR #​2962](https://github.com/pgjdbc/pgjdbc/pull/2962) - fix: allow setting arrays with ANSI type name [PR #​2952](https://github.com/pgjdbc/pgjdbc/pull/2952) - feat: Use KeepAlive to confirm LSNs [PR #​2941](https://github.com/pgjdbc/pgjdbc/pull/2941) - fix: put double ' around log parameter [PR #​2936](https://github.com/pgjdbc/pgjdbc/pull/2936) fixes [ISSUE #​2935](https://github.com/pgjdbc/pgjdbc/issues/2935) - fix: Fix Issue [#​2928](https://github.com/pgjdbc/pgjdbc/issues/2928) number of ports not equal to number of servers in datasource [PR #​2929](https://github.com/pgjdbc/pgjdbc/pull/2929) - fix: Use canonical DateStyle name ([#​2925](https://github.com/pgjdbc/pgjdbc/issues/2925)) fixes [pgbouncer issue](https://github.com/pgbouncer/pgbouncer/issues/776) - fix: Method getFastLong should be able to parse all longs [PR #​2881](https://github.com/pgjdbc/pgjdbc/pull/2881) - docs: Fix typos in info.html [PR #​2860](https://github.com/pgjdbc/pgjdbc/pull/2860) - fix: Return correct default from PgDatabaseMetaData.getDefaultTransactionIsolation [PR #​2992](https://github.com/pgjdbc/pgjdbc/pull/2992) fixes [Issue #​2991](https://github.com/pgjdbc/pgjdbc/issues/2991) - test: fix assertion in RefCursorFetchTestultFetchSize rows - test: use try-with-resources in LogicalReplicationStatusTest ### [`v42.6.0`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4260-2023-03-17-153434--0400) ##### Changed - fix: use PhantomReferences instead of `Obejct.finalize()` to track Connection leaks [PR #​2847](https://github.com/pgjdbc/pgjdbc/pull/2847) The change replaces all uses of Object.finalize with PhantomReferences. The leaked resources (Connections) are tracked in a helper thread that is active as long as there are connections in use. By default, the thread keeps running for 30 seconds after all the connections are released. The timeout is set with pgjdbc.config.cleanup.thread.ttl system property. - refactor:(loom) replace the usages of synchronized with ReentrantLock [PR #​2635](https://github.com/pgjdbc/pgjdbc/pull/2635) Fixes [Issue #​1951](https://github.com/pgjdbc/pgjdbc/issues/1951) ### [`v42.5.4`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4254-2023-02-15-102104--0500) ##### Fixed - fix: fix testGetSQLTypeQueryCache by searching for xid type. We used to search for box type but it is now cached. xid is not cached, this nuance is required for the test. - fix OidValueCorrectnessTest BOX_ARRAY OID, by adding BOX_ARRAY to the oidTypeName map \[PR [#​2810](https://github.com/pgjdbc/pgjdbc/issues/2810)]\((https://github.com/pgjdbc/pgjdbc/pull/2810). - fixes [Issue #​2804](https://github.com/pgjdbc/pgjdbc/issues/2804). - fix: Make sure that github CI runs tests on all [PRs #​2809](\(https://github.com/pgjdbc/pgjdbc/pull/2809\)). ### [`v42.5.3`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4253-2023-02-03-082450--0500) ##### Fixed - fix: Add box to TypeInfoCache, fixes [Issue #​2746](https://github.com/pgjdbc/pgjdbc/issues/2746) [PR #​2747](https://github.com/pgjdbc/pgjdbc/pull/2747) - fix: regression in PgResultSet LONG_MIN copy and paste error fixes [Issue #​2748](https://github.com/pgjdbc/pgjdbc/issues/2748) [PR#2749](https://github.com/pgjdbc/pgjdbc/pull/2749) ### [`v42.5.2`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4252-2023-01-31-143046--0500) ##### Changed - regression: This release has 2 known regressions which make it unusable see the notes above. We advise people to use 42.5.3 instead. - docs: specify that timeouts are in seconds and there is a maximum. Housekeeping on some tests fixes [#Issue 2671](https://github.com/pgjdbc/pgjdbc/issues/2671) [PR #​2686](https://github.com/pgjdbc/pgjdbc/pull/2686) - docs: clarify binaryTransfer and add it to README [PR# 2698](https://github.com/pgjdbc/pgjdbc/pull/2698) - docs: Document the need to encode reserved characters in the connection URL [PR #​2700](https://github.com/pgjdbc/pgjdbc/pull/2700) - feat: Define binary transfer for custom types dynamically/automatically fixes [Issue #​2554](https://github.com/pgjdbc/pgjdbc/issues/2554) [PR #​2556](https://github.com/pgjdbc/pgjdbc/pull/2556) ##### Added - fix: added gssResponseTimeout as part of [PR #​2687](https://github.com/pgjdbc/pgjdbc/pull/2687) to make sure we don't wait forever on a GSS RESPONSE ##### Fixed - fix: Ensure case of XML tags in Maven snippet is correct [PR #​2682](https://github.com/pgjdbc/pgjdbc/pull/2682) - fix: Make sure socket is closed if an exception is thrown in createSocket fixes [Issue #​2684](https://github.com/pgjdbc/pgjdbc/issues/2684) [PR #​2685](https://github.com/pgjdbc/pgjdbc/pull/2685) - fix: Apply patch from [Issue #​2683](https://github.com/pgjdbc/pgjdbc/issues/2683) to fix hanging ssl connections [PR #​2687](https://github.com/pgjdbc/pgjdbc/pull/2687) - fix - binary conversion of (very) long numeric values (longer than 4 \* 2^15 digits) [PR #​2697](https://github.com/pgjdbc/pgjdbc/pull/2697) fixes [Issue #​2695](https://github.com/pgjdbc/pgjdbc/issues/2695) - minor: enhance readability connection of startup params [PR #​2705](https://github.com/pgjdbc/pgjdbc/pull/2785) ### [`v42.5.1`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4251-2022-11-23-101459--0500) ##### Security - security: StreamWrapper spills to disk if setText, or setBytea sends very large Strings or arrays to the server. createTempFile creates a file which can be read by other users on unix like systems (Not macos). This has been fixed in this version fixes CVE-2022-41946 see the [security advisory](https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-562r-vg33-8x8h) for more details. Reported by [Jonathan Leitschuh](https://github.com/JLLeitschuh) This has been fixed in versions 42.5.1, 42.4.3 42.3.8, 42.2.27.jre7. Note there is no fix for 42.2.26.jre6. See the security advisory for work arounds. ##### Fixed - fix: make sure we select array_in from pg_catalog to avoid duplicate array_in functions fixes [#Issue 2548](https://github.com/pgjdbc/pgjdbc/issues/2548) [PR #​2552](https://github.com/pgjdbc/pgjdbc/issues/2552) - fix: binary decoding of bool values [PR #​2640](https://github.com/pgjdbc/pgjdbc/pull/2640) - perf: improve performance of PgResultSet getByte/getShort/getInt/getLong for float-typed columns [PR #​2634](https://github.com/pgjdbc/pgjdbc/pull/2634) - chore: fix various spelling errors [PR #​2592](https://github.com/pgjdbc/pgjdbc/pull/2592) - chore: Feature/urlparser improve URLParser [PR #​2641](https://github.com/pgjdbc/pgjdbc/pull/2592) ### [`v42.5.0`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4250-2022-08-23-112011--0400) ##### Changed - fix: revert change in [PR #​1986](https://github.com/pgjdbc/pgjdbc/pull/1986) where float was aliased to float4 from float8. float now aliases to float8 [PR #​2598](https://github.com/pgjdbc/pgjdbc/pull/2598) fixes [Issue #​2597](https://github.com/pgjdbc/pgjdbc/issues/2597) ### [`v42.4.2`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4242-2022-08-17-103340--0400) ##### Changed - fix: add alias to the generated getUDT() query for clarity (PR [#​2553](https://github.com/pgjdbc/pgjdbc/issues/2553))\[https://github.com/pgjdbc/pgjdbc/pull/2553] ##### Added - fix: make setObject accept UUID array [PR #​2587](https://github.com/pgjdbc/pgjdbc/pull/2587) ##### Fixed - fix: regression with GSS. Changes introduced to support building with Java 17 caused failures [Issue #​2588](https://github.com/pgjdbc/pgjdbc/issues/2588) - fix: set a timeout to get the return from requesting SSL upgrade. [PR #​2572](https://github.com/pgjdbc/pgjdbc/pull/2572) - feat: synchronize statement executions (e.g. avoid deadlock when Connection.isValid is executed from concurrent threads) ### [`v42.4.1`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4241-2022-08-01-162420--0400) ##### Security - fix: CVE-2022-31197 Fixes SQL generated in PgResultSet.refresh() to escape column identifiers so as to prevent SQL injection. - Previously, the column names for both key and data columns in the table were copied as-is into the generated SQL. This allowed a malicious table with column names that include statement terminator to be parsed and executed as multiple separate commands. - Also adds a new test class ResultSetRefreshTest to verify this change. - Reported by [Sho Kato](https://github.com/kato-sho) ##### Changed - chore: skip publishing pgjdbc-osgi-test to Central - chore: bump Gradle to 7.5 - test: update JUnit to 5.8.2 ##### Added - chore: added Gradle Wrapper Validation for verifying gradle-wrapper.jar - chore: added "permissions: contents: read" for GitHub Actions to avoid unintentional modifications by the CI - chore: support building pgjdbc with Java 17 - feat: synchronize statement executions (e.g. avoid deadlock when Connection.isValid is executed from concurrent threads) ### [`v42.4.0`](https://github.com/pgjdbc/pgjdbc/blob/HEAD/CHANGELOG.md#4240-2022-06-09-081402--0400) ##### Changed - fix: added GROUP_STARTUP_PARAMETERS boolean property to determine whether or not to group startup parameters in a transaction (default=false like 42.2.x) fixes [Issue #​2425](https://github.com/pgjdbc/pgjdbc/issues/2497) pgbouncer cannot deal with transactions in statement pooling mode [PR #​2425](https://github.com/pgjdbc/pgjdbc/pull/2425) ##### Fixed - fix: queries with up to 65535 (inclusive) parameters are supported now (previous limit was 32767) [PR #​2525](https://github.com/pgjdbc/pgjdbc/pull/2525), [Issue #​1311](https://github.com/pgjdbc/pgjdbc/issues/1311) - fix: workaround JarIndex parsing issue by using groupId/artifactId-version directory namings. Regression since 42.2.13. [PR #​2531](https://github.com/pgjdbc/pgjdbc/pull/2531), [issue #​2527](https://github.com/pgjdbc/pgjdbc/issues/2527) - fix: use Locale.ROOT for toUpperCase() toLowerCase() calls - doc: add Vladimir Sitnikov's PGP key - fix: return correct base type for domain from getUDTs [PR #​2520](https://github.com/pgjdbc/pgjdbc/pull/2520) [Issue #​2522](https://github.com/pgjdbc/pgjdbc/issues/2522) - perf: utcTz static and renamed to UTC_TIMEZONE [PR #​2519](https://github.com/pgjdbc/pgjdbc/pull/2520) - doc: fix release version for [#​2377](https://github.com/pgjdbc/pgjdbc/issues/2377) (it should be 42.3.6, not 42.3.5) </details> <details> <summary>square/okio (com.squareup.okio:okio)</summary> ### [`v3.9.1`](https://github.com/square/okio/blob/HEAD/CHANGELOG.md#Version-391) *2024-09-12* - Fix: Support paths containing a single dot (".") in `Path.relativeTo`. - Fix: Do not read from the upstream source when a 0-byte read is requested. - Fix: Update kotlinx.datetime to 0.6.0 to correct a Gradle module metadata problem with 0.5.0. Note: this artifact is only used in 'okio-fakefilesystem' and 'okio-nodefilesystem' and not in the Okio core. </details> <details> <summary>mockito/mockito (org.mockito:mockito-core)</summary> ### [`v5.14.1`](https://github.com/mockito/mockito/releases/tag/v5.14.1) <sup><sup>*Changelog generated by [Shipkit Changelog Gradle Plugin](https://github.com/shipkit/shipkit-changelog)*</sup></sup> ##### 5.14.1 - 2024-09-30 - [2 commit(s)](https://github.com/mockito/mockito/compare/v5.14.0...v5.14.1) by Brice Dutheil, dependabot\[bot] - fix: gradle mockitoAgent configuration should not be transitive [(#​3454)](https://github.com/mockito/mockito/pull/3454) - Bump bytebuddy from 1.15.2 to 1.15.3 [(#​3452)](https://github.com/mockito/mockito/pull/3452) - Allow for installing a Java agent within the Mockito jar, without exposing Byte Buddy's attach mechanism. [(#​3437)](https://github.com/mockito/mockito/pull/3437) ### [`v5.14.0`](https://github.com/mockito/mockito/releases/tag/v5.14.0) <sup><sup>*Changelog generated by [Shipkit Changelog Gradle Plugin](https://github.com/shipkit/shipkit-changelog)*</sup></sup> ##### 5.14.0 - 2024-09-27 - [9 commit(s)](https://github.com/mockito/mockito/compare/v5.13.0...v5.14.0) by Ali-Hassan, Brice Dutheil, David Saff, Rafael Winterhalter, dependabot\[bot] - Bump org.junit.platform:junit-platform-launcher from 1.11.0 to 1.11.1 [(#​3451)](https://github.com/mockito/mockito/pull/3451) - Bump bytebuddy from 1.15.1 to 1.15.2 [(#​3450)](https://github.com/mockito/mockito/pull/3450) - Update Documentation of ArgumentCaptor.java [(#​3448)](https://github.com/mockito/mockito/pull/3448) - Split subprojects [(#​3447)](https://github.com/mockito/mockito/pull/3447) - Separate extensions from integration tests [(#​3443)](https://github.com/mockito/mockito/issues/3443) - Bump org.eclipse.platform:org.eclipse.osgi from 3.20.0 to 3.21.0 [(#​3440)](https://github.com/mockito/mockito/pull/3440) - Bump com.gradle.enterprise from 3.18 to 3.18.1 [(#​3439)](https://github.com/mockito/mockito/pull/3439) - Allow for installing a Java agent within the Mockito jar, without exposing Byte Buddy's attach mechanism. [(#​3437)](https://github.com/mockito/mockito/pull/3437) - Bump bytebuddy from 1.15.0 to 1.15.1 [(#​3434)](https://github.com/mockito/mockito/pull/3434) - Fixes [#​3419](https://github.com/mockito/mockito/issues/3419): Disable mocks with an error message [(#​3424)](https://github.com/mockito/mockito/pull/3424) - Accessing a mock after clearInlineMocks could provide much more useful error message. [(#​3419)](https://github.com/mockito/mockito/issues/3419) </details> <details> <summary>Kotlin/kotlinx.coroutines (org.jetbrains.kotlinx:kotlinx-coroutines-core)</summary> ### [`v1.9.0`](https://github.com/Kotlin/kotlinx.coroutines/blob/HEAD/CHANGES.md#Version-190) [Compare Source](https://github.com/Kotlin/kotlinx.coroutines/compare/1.8.1...1.9.0) ##### Features - Wasm/WASI target support ([#​4064](https://github.com/Kotlin/kotlinx.coroutines/issues/4064)). Thanks, [@​igoriakovlev](https://github.com/igoriakovlev)! - `limitedParallelism` now optionally accepts the name of the dispatcher view for easier debugging ([#​4023](https://github.com/Kotlin/kotlinx.coroutines/issues/4023)). - No longer initialize `Dispatchers.IO` on the JVM when other standard dispatchers are accessed ([#​4166](https://github.com/Kotlin/kotlinx.coroutines/issues/4166)). Thanks, [@​metalhead8816](https://github.com/metalhead8816)! - Introduced the `Flow<T>.chunked(size: Int): Flow<List<T>>` operator that groups emitted values into groups of the given size ([#​1290](https://github.com/Kotlin/kotlinx.coroutines/issues/1290)). - Closeable dispatchers are instances of `AutoCloseable` now ([#​4123](https://github.com/Kotlin/kotlinx.coroutines/issues/4123)). ##### Fixes - Calling `hasNext` on a `Channel`'s iterator is idempotent ([#​4065](https://github.com/Kotlin/kotlinx.coroutines/issues/4065)). Thanks, [@​gitpaxultek](https://github.com/gitpaxultek)! - `CoroutineScope()` created without an explicit dispatcher uses `Dispatchers.Default` on Native ([#​4074](https://github.com/Kotlin/kotlinx.coroutines/issues/4074)). Thanks, [@​whyoleg](https://github.com/whyoleg)! - Fixed a bug that prevented non-Android `Dispatchers.Main` from initializing when the Firebase dependency is used ([#​3914](https://github.com/Kotlin/kotlinx.coroutines/issues/3914)). - Ensured a more intuitive ordering of tasks in `runBlocking` ([#​4134](https://github.com/Kotlin/kotlinx.coroutines/issues/4134)). - Forbid casting a `Mutex` to `Semaphore` ([#​4176](https://github.com/Kotlin/kotlinx.coroutines/issues/4176)). - Worked around a stack overflow that may occur when calling `asDeferred` on a `Future` many times ([#​4156](https://github.com/Kotlin/kotlinx.coroutines/issues/4156)). ##### Deprecations and promotions - Advanced the deprecation levels for `BroadcastChannel`-based API ([#​4197](https://github.com/Kotlin/kotlinx.coroutines/issues/4197)). - Advanced the deprecation levels for the old `kotlinx-coroutines-test` API ([#​4198](https://github.com/Kotlin/kotlinx.coroutines/issues/4198)). - Deprecated `Job.cancelFutureOnCompletion` ([#​4173](https://github.com/Kotlin/kotlinx.coroutines/issues/4173)). - Promoted `CoroutineDispatcher.limitedParallelism` to stable ([#​3864](https://github.com/Kotlin/kotlinx.coroutines/issues/3864)). - Promoted `CoroutineStart.ATOMIC` from `ExperimentalCoroutinesApi` to `DelicateCoroutinesApi` ([#​4169](https://github.com/Kotlin/kotlinx.coroutines/issues/4169)). - Promoted `CancellableContinuation.resume` with an `onCancellation` lambda to stable, providing extra arguments to the lambda ([#​4088](https://github.com/Kotlin/kotlinx.coroutines/issues/4088)). - Marked the classes and interfaces that are not supposed to be inherited from with the new `InternalForInheritanceCoroutinesApi` opt-in ([#​3770](https://github.com/Kotlin/kotlinx.coroutines/issues/3770)). - Marked the classes and interfaces inheriting from which is not stable with the new `ExperimentalForInheritanceCoroutinesApi` opt-in ([#​3770](https://github.com/Kotlin/kotlinx.coroutines/issues/3770)). ##### Other - Kotlin was updated to 2.0 ([#​4137](https://github.com/Kotlin/kotlinx.coroutines/issues/4137)). - Reworked the documentation for `CoroutineStart` and `Channel`-based API ([#​4147](https://github.com/Kotlin/kotlinx.coroutines/issues/4147), [#​4148](https://github.com/Kotlin/kotlinx.coroutines/issues/4148), [#​4167](https://github.com/Kotlin/kotlinx.coroutines/issues/4167)). Thanks, [@​globsterg](https://github.com/globsterg)! - Simplified the internal implementation of `Job` ([#​4053](https://github.com/Kotlin/kotlinx.coroutines/issues/4053)). - Small tweaks, fixes, and documentation improvements. </details> <details> <summary>redis/jedis (redis.clients:jedis)</summary> ### [`v5.2.0`](https://github.com/redis/jedis/releases/tag/v5.2.0): 5.2.0 GA #### Enhanced Client-side caching We are happy to announce that improved [server-assisted, client-side caching](https://redis.io/docs/manual/client-side-caching/) is now generally available! Special thanks to all our beta testers for their valuable feedback, which helped us refine and improve the initial implementation. Client-side caching is supported exclusively with the RESP3 protocol with Redis >= 7.4 and is available in UnifiedJedis, JedisPooled, and JedisCluster and other classes. ##### How to try Client-Side Caching 1. [Install Jedis](https://redis.io/docs/connect/clients/java/jedis/#install) **5.2.0** 2. Use the following code example to get started: ```java public class CSCExampleTest { public static void main() { HostAndPort node = HostAndPort.from("localhost:6379"); JedisClientConfig clientConfig = DefaultJedisClientConfig.builder() .resp3() // RESP3 protocol is required for client-side caching //.user("myuser") // Redis server username (optional) //.password("mypass") // Redis user's password (optional) .build(); CacheConfig cacheConfig = getCacheConfig(); Cache cache = CacheFactory.getCache(cacheConfig); try (UnifiedJedis client = new UnifiedJedis(node, clientConfig, cache)) { client.set("foo", "bar"); client.get("foo"); client.get("foo"); // Cache hit System.out.println("Cache size: " + cache.getSize()); // 1 System.out.println(cache.getStats().toString()); //Let's change the value of "foo" to invalidate the value stored in the local cache client.mset("foo", "new_value", "ignore_me:1", "another_value"); Thread.sleep(1000); // wait for the cache invalidation to happen System.out.println(client.get("foo")); // Cache miss System.out.println(cache.getStats().toString()); client.get("ignore_me:1"); // Client will ignore this key System.out.println("Cache size: " + cache.getSize()); // still 1 // check the cache stats System.out.println(cache.getStats().toString()); } catch (InterruptedException e) { throw new RuntimeException(e); } } private static CacheConfig getCacheConfig() { // This is a simple cacheable implementation that ignores keys starting with "ignore_me" Cacheable cacheable = new DefaultCacheable() { final String IGNORE_PREFIX = "ignore_me"; @​Override public boolean isCacheable(ProtocolCommand command, List<Object> keys) { // assuming we'll only execute methods with string keys List<String> stringKeys = keys.stream() .filter(obj -> obj instanceof String) .map(obj -> (String) obj) .collect(Collectors.toList()); for (String key : stringKeys) { if (key.startsWith(IGNORE_PREFIX)) { return false; } } return isDefaultCacheableCommand(command); } }; // Create a cache with a maximum size of 10000 entries return CacheConfig.builder() .maxSize(10000) .cacheable(cacheable) .build(); } } ``` It is possible to limit or ignore commands or keys for client-side caching. The `getCacheConfig` method presented above provides an example of how to achieve that. #### 🔥 Breaking Changes - JedisConnectionException contains HostAndPort from DefaultJedisSocketFactory ([#​3896](https://github.com/redis/jedis/issues/3896)) - Address change in JSON.GET command without path ([#​3858](https://github.com/redis/jedis/issues/3858)) - Modify and fail-fast GeoSearchParam ([#​3827](https://github.com/redis/jedis/issues/3827)) - Support transaction from UnifiedJedis without calling multi first ([#​3804](https://github.com/redis/jedis/issues/3804)) - Reduce the log level of validateObject to WARN ([#​3750](https://github.com/redis/jedis/issues/3750)) #### 🧪 Experimental Features - Support automatic namespacing ([#​3781](https://github.com/redis/jedis/issues/3781)) - Added support for ADDSCORES argument in FT.AGGREGATE ([#​3908](https://github.com/redis/jedis/issues/3908)) - Support IGNORE and other optional arguments for timeseries commands ([#​3860](https://github.com/redis/jedis/issues/3860)) #### 🚀 New Features - Support Hash field expiration ([#​3826](https://github.com/redis/jedis/issues/3826)) - Add equals and hashCode to Timeseries Params classes ([#​3959](https://github.com/redis/jedis/issues/3959)) - Decoding FT.SEARCH reply can be disabled at field level ([#​3926](https://github.com/redis/jedis/issues/3926)) - Get enriched Connection information ([#​3745](https://github.com/redis/jedis/issues/3745)) - Support execute the read-only command on replica nodes ([#​3848](https://github.com/redis/jedis/issues/3848)) - JedisConnectionException contains HostAndPort from DefaultJedisSocketFactory ([#​3896](https://github.com/redis/jedis/issues/3896)) - Support \[S]PUBLISH in pipelines and transactions ([#​3859](https://github.com/redis/jedis/issues/3859)) - Support Hash field expiration ([#​3826](https://github.com/redis/jedis/issues/3826)) - Custom connection pool to MultiClusterPooledConnectionProvider ([#​3801](https://github.com/redis/jedis/issues/3801)) - PubSub handle array of messages for RESP2 ([#​3811](https://github.com/redis/jedis/issues/3811)) - Support transaction from UnifiedJedis without calling multi first ([#​3804](https://github.com/redis/jedis/issues/3804)) - Add last entry id for XREADs and support XREADs reply as map ([#​3791](https://github.com/redis/jedis/issues/3791)) - Add Experimental, Internal and VisibleForTesting annotations ([#​3790](https://github.com/redis/jedis/issues/3790)) - Implement equals and hashcode in Params classes ([#​3728](https://github.com/redis/jedis/issues/3728)) - Add support for redis command: CLIENT TRACKINGINFO ([#​3751](https://github.com/redis/jedis/issues/3751)) - Support the MAXAGE option for CLIENT KILL ([#​3754](https://github.com/redis/jedis/issues/3754)) - Polish [#​3741](https://github.com/redis/jedis/issues/3741) ([#​3746](https://github.com/redis/jedis/issues/3746)) - Add support for the NOVALUES option of HSCAN ([#​3741](https://github.com/redis/jedis/issues/3741)) - Support issuing Latency commands ([#​3729](https://github.com/redis/jedis/issues/3729)) #### 🐛 Bug Fixes - Accept null replies for BZPOPMAX and BZPOPMIN commands ([#​3930](https://github.com/redis/jedis/issues/3930)) - Fix empty LUA table reply ([#​3924](https://github.com/redis/jedis/issues/3924)) - Ensure closing connection in Pipeline ([#​3865](https://github.com/redis/jedis/issues/3865)) - Address change in JSON.GET command without path ([#​3858](https://github.com/redis/jedis/issues/3858)) - Consider null values in empty StreamPendingSummary ([#​3793](https://github.com/redis/jedis/issues/3793)) - Fix UnifiedJedis pexpireAt glitch ([#​3782](https://github.com/redis/jedis/issues/3782)) - Use expiryOption in PipelineBase.expireAt ([#​3777](https://github.com/redis/jedis/issues/3777)) - Stop connection fetching before sync/exec ([#​3756](https://github.com/redis/jedis/issues/3756)) - Check for thread interrupt in subscribe process of PubSub ([#​3726](https://github.com/redis/jedis/issues/3726)) - Avoid NPE in MultiNodePipelineBase.java ([#​3697](https://github.com/redis/jedis/issues/3697)) - Fix probable missing (RESP3) protocol processing ([#​3692](https://github.com/redis/jedis/issues/3692)) - Use circuit breaker fallback exception list ([#​3664](https://github.com/redis/jedis/issues/3664)) #### 🧰 Maintenance - Deprecate Triggers and Functions feature ([#​3968](https://github.com/redis/jedis/issues/3968)) - Bump org.apache.httpcomponents.client5:httpclient5-fluent from 5.3.1 to 5.4 ([#​3962](https://github.com/redis/jedis/issues/3962)) - Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.1 to 3.5.0 ([#​3950](https://github.com/redis/jedis/issues/3950)) - Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.8.0 to 3.10.0 ([#​3949](https://github.com/redis/jedis/issues/3949)) - Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.5 to 3.2.6 ([#​3957](https://github.com/redis/jedis/issues/3957)) - Added JavaDoc for basic JedisCluster constructors ([#​3304](https://github.com/redis/jedis/issues/3304)) - Bump org.locationtech.jts:jts-core from 1.19.0 to 1.20.0 ([#​3948](https://github.com/redis/jedis/issues/3948)) - Add A-A failover scenario test ([#​3935](https://github.com/redis/jedis/issues/3935)) - Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.5 ([#​3936](https://github.com/redis/jedis/issues/3936)) - Fix codecov upload ([#​3933](https://github.com/redis/jedis/issues/3933)) - Rename readonly config param to specify Redis Cluster ([#​3932](https://github.com/redis/jedis/issues/3932)) - Modify Connection.toIdentityString and test ([#​3931](https://github.com/redis/jedis/issues/3931)) - Revert "Creating CODEOWNERS for the examples ([#​3570](https://github.com/redis/jedis/issues/3570))" ([#​3897](https://github.com/redis/jedis/issues/3897)) - Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.3.1 ([#​3891](https://github.com/redis/jedis/issues/3891)) - Bump org.hamcrest:hamcrest from 2.2 to 3.0 ([#​3914](https://github.com/redis/jedis/issues/3914)) - Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.7.0 to 3.8.0 ([#​3909](https://github.com/redis/jedis/issues/3909)) - Bump net.javacrumbs.json-unit:json-unit from 2.38.0 to 2.40.1 ([#​3903](https://github.com/redis/jedis/issues/3903)) - Bump org.apache.maven.plugins:maven-release-plugin from 3.0.1 to 3.1.1 ([#​3890](https://github.com/redis/jedis/issues/3890)) - Fixed typo in Javadoc ([#​3917](https://github.com/redis/jedis/issues/3917)) - Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.1 to 3.4.2 ([#​3910](https://github.com/redis/jedis/issues/3910)) - Bump com.kohlschutter.junixsocket:junixsocket-core from 2.9.1 to 2.10.0 ([#​3901](https://github.com/redis/jedis/issues/3901)) - Bump jackson.version from 2.17.1 to 2.17.2 ([#​3902](https://github.com/redis/jedis/issues/3902)) - Add Scenario tests ([#​3847](https://github.com/redis/jedis/issues/3847)) - Modify the judgment that reads a response as empty to isEmpty method ([#​3888](https://github.com/redis/jedis/issues/3888)) - Replace `synchronized` with `j.u.c.l.ReentrantLock` for Loom ([#​3480](https://github.com/redis/jedis/issues/3480)) - Extract messages of unsupported exception as constants ([#​3887](https://github.com/redis/jedis/issues/3887)) - Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 ([#​3851](https://github.com/redis/jedis/issues/3851)) - Bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.7.0 ([#​3850](https://github.com/redis/jedis/issues/3850)) - Bump com.google.code.gson:gson from 2.10.1 to 2.11.0 ([#​3842](https://github.com/redis/jedis/issues/3842)) - Merge doc tests into main branch to keep in-sync with the code ([#​3861](https://github.com/redis/jedis/issues/3861)) - Deprecate unused Set<Tuple> builders ([#​3857](https://github.com/redis/jedis/issues/3857)) - Disable Redis Graph tests ([#​3856](https://github.com/redis/jedis/issues/3856)) - Introduce EndpointConfig and load endpoint settings from the endpoints.json file ([#​3836](https://github.com/redis/jedis/issues/3836)) - Address Gears test fail - Cleanup Function libraries ([#​3840](https://github.com/redis/jedis/issues/3840)) - Bump jackson.version from 2.17.0 to 2.17.1 ([#​3833](https://github.com/redis/jedis/issues/3833)) - Add methods in CommandArguments and RawableFactory ([#​3834](https://github.com/redis/jedis/issues/3834)) - Modify and fail-fast GeoSearchParam ([#​3827](https://github.com/redis/jedis/issues/3827)) - Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.0 to 3.4.1 ([#​3822](https://github.com/redis/jedis/issues/3822)) - Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.3 to 3.2.4 ([#​3823](https://github.com/redis/jedis/issues/3823)) - Bump org.apache.maven.plugins:maven-jar-plugin from 3.3.0 to 3.4.0 ([#​3819](https://github.com/redis/jedis/issues/3819)) - Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.2 to 3.2.3 ([#​3818](https://github.com/redis/jedis/issues/3818)) - Add more tests for the CommandObjects class ([#​3809](https://github.com/redis/jedis/issues/3809)) - Resolve compile warnings ([#​3810](https://github.com/redis/jedis/issues/3810)) - Bump com.kohlschutter.junixsocket:junixsocket-core from 2.9.0 to 2.9.1 ([#​3806](https://github.com/redis/jedis/issues/3806)) - Bump org.jacoco:jacoco-maven-plugin from 0.8.11 to 0.8.12 ([#​3805](https://github.com/redis/jedis/issues/3805)) - Bump org.apache.maven.plugins:maven-source-plugin from 3.3.0 to 3.3.1 ([#​3807](https://github.com/redis/jedis/issues/3807)) - Deprecate unused JSON.ARRAPPEND in CommandObjects ([#​3798](https://github.com/redis/jedis/issues/3798)) - Extensive unit tests for the CommandObjects class ([#​3796](https://github.com/redis/jedis/issues/3796)) - Add extensive tests for UnifiedJedis ([#​3788](https://github.com/redis/jedis/issues/3788)) - Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.1 to 3.2.2 ([#​3794](https://github.com/redis/jedis/issues/3794)) - Add Experimental, Internal and VisibleForTesting annotations ([#​3790](https://github.com/redis/jedis/issues/3790)) - Add TS.INFO \[DEGUB] and CF.MEXISTS in pipelined commands ([#​3787](https://github.com/redis/jedis/issues/3787)) - Bump org.apache.maven.plugins:maven-compiler-plugin from 3.12.1 to 3.13.0 ([#​3786](https://github.com/redis/jedis/issues/3786)) - Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.0 to 3.2.1 ([#​3785](https://github.com/redis/jedis/issues/3785)) - Pipelined tests for lists and sets, and API typo fix ([#​3772](https://github.com/redis/jedis/issues/3772)) - Extensive unit tests for PipeliningBase ([#​3778](https://github.com/redis/jedis/issues/3778)) - Bump jackson.version from 2.16.2 to 2.17.0 ([#​3776](https://github.com/redis/jedis/issues/3776)) - Bump org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.0 ([#​3775](https://github.com/redis/jedis/issues/3775)) - Fix typo in SetPipelineCommands method name ([#​3773](https://github.com/redis/jedis/issues/3773)) - Streamline test execution ([#​3760](https://github.com/redis/jedis/issues/3760)) - Add pipelined tests for sorted sets ([#​3771](https://github.com/redis/jedis/issues/3771)) - Geo pipelined tests ([#​3767](https://github.com/redis/jedis/issues/3767)) - Reenable clustering tests ([#​3764](https://github.com/redis/jedis/issues/3764)) - GETSET command is deprecated since Redis 6.2.0 ([#​3768](https://github.com/redis/jedis/issues/3768)) - Add tests for Stream pipelined commands ([#​3763](https://github.com/redis/jedis/issues/3763)) - Bump jackson.version from 2.16.1 to 2.16.2 ([#​3762](https://github.com/redis/jedis/issues/3762)) - Bump org.json:json from [`2024020`](https://github.com/redis/jedis/commit/20240205) to [`2024030`](https://github.com/redis/jedis/commit/20240303) ([#​3752](https://github.com/redis/jedis/issues/3752)) - Add Hashes pipeline commands unit tests ([#​3288](https://github.com/redis/jedis/issues/3288)) - Add unit tests for pipelining - migrate and db commands ([#​3759](https://github.com/redis/jedis/issues/3759)) - Reduce the log level of validateObject to WARN ([#​3750](https://github.com/redis/jedis/issues/3750)) - Bump org.json:json from [`2023101`](https://github.com/redis/jedis/commit/20231013) to [`2024020`](https://github.com/redis/jedis/commit/20240205) ([#​3706](https://github.com/redis/jedis/issues/3706)) - Bump com.kohlschutter.junixsocket:junixsocket-core from 2.8.3 to 2.9.0 ([#​3724](https://github.com/redis/jedis/issues/3724)) - Running doctests also on emb-examples ([#& </details> GitOrigin-RevId: 8a275b1c484ffdcd889591afa909c0ac94f02667
Overall idea is the same as #3067 but couple changes to implementation and presesntation:
PasswordUtil
no longer concerns itself with connections. It just hashes passwords and encodes them for using in the DB.alterUserPassword(...)
toPGConnnection
. That's our "public API" for everything PG-specific so it seemed like a better home than havingPasswordUtil
deal with java.sql.*.Splitting out the encoding allows the same functions to be used for
CREATE USER ...
(again without passing the credentials in plaintext). The updated test:PGConnection
methodTests are run against the servers's default password encryption method, the driver's default password encryption method,
md5
, andscram-sha-256
(for v11+).If a new encryption method gets added to the server and is marked as the default then it should break our CI (which is good).
As part of this one more helper was added to TestUtil for executing SQL with a string arg. And an internal bytes-to-hex method in MD5Digest was marked public but it's not part of the "public API" package so I think that's fine.
@davecramer Besides the structure and hashing, take a peek at the comments too as I tried to explain what this is really doing despite the poor verbiage on the server (it's not "encryption", it's hashing...), whilst sticking to the server's language as much as possible.
===
All Submissions:
New Feature Submissions:
./gradlew styleCheck
pass ?