Conversation
Bumps `jackson.version` from 2.21.1 to 2.21.2. Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-xml` from 2.21.1 to 2.21.2 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/FasterXML/jackson-dataformat-xml/commit/6bdc5931ad9637ab27b0a922276fd6219a25ea90"><code>6bdc593</code></a> [maven-release-plugin] prepare release jackson-dataformat-xml-2.21.2</li> <li><a href="https://github.com/FasterXML/jackson-dataformat-xml/commit/f15dce959584dfb1323f995d32dee1b08daea9d2"><code>f15dce9</code></a> Prep for 2.21.2 release</li> <li><a href="https://github.com/FasterXML/jackson-dataformat-xml/commit/35033944e93514739203c562ee6cd538cf059159"><code>3503394</code></a> Post-release dep version bump</li> <li><a href="https://github.com/FasterXML/jackson-dataformat-xml/commit/b19143d63962369d6af7bdc81ef8596862bf6f41"><code>b19143d</code></a> [maven-release-plugin] prepare for next development iteration</li> <li>See full diff in <a href="https://github.com/FasterXML/jackson-dataformat-xml/compare/jackson-dataformat-xml-2.21.1...jackson-dataformat-xml-2.21.2">compare view</a></li> </ul> </details> <br /> Updates `com.fasterxml.jackson.core:jackson-databind` from 2.21.1 to 2.21.2 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/FasterXML/jackson/commits">compare view</a></li> </ul> </details> <br /> Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-yaml` from 2.21.1 to 2.21.2 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/FasterXML/jackson-dataformats-text/commit/5639ffe62c69fc15b7f9cce09b9b68498e2f3550"><code>5639ffe</code></a> [maven-release-plugin] prepare release jackson-dataformats-text-2.21.2</li> <li><a href="https://github.com/FasterXML/jackson-dataformats-text/commit/c6aa953dde412afeb3f01165627cf736f58efd66"><code>c6aa953</code></a> Prep for 2.21.2 release</li> <li><a href="https://github.com/FasterXML/jackson-dataformats-text/commit/3406e8a221b9d021773642e9b4a6866fdc6cccc0"><code>3406e8a</code></a> Merge branch '2.20' into 2.21</li> <li><a href="https://github.com/FasterXML/jackson-dataformats-text/commit/d52ce35b4c70a34174c6987d05b8df68c42c0eb4"><code>d52ce35</code></a> Merge branch '2.19' into 2.20</li> <li><a href="https://github.com/FasterXML/jackson-dataformats-text/commit/9150ee8e9e5558a2e9f284229f0ebd02140c9c97"><code>9150ee8</code></a> update release notes for 2.19.5</li> <li><a href="https://github.com/FasterXML/jackson-dataformats-text/commit/d8738d6e29a26e9843856c17151ce5eb96b805e9"><code>d8738d6</code></a> Merge branch '2.20' into 2.21</li> <li><a href="https://github.com/FasterXML/jackson-dataformats-text/commit/3b4a0ce1a03f61f1f208ef1f9fc96e055902fdf9"><code>3b4a0ce</code></a> Merge branch '2.19' into 2.20</li> <li><a href="https://github.com/FasterXML/jackson-dataformats-text/commit/56270dfb6a93685da36c52c3160bb0cb9074ca1e"><code>56270df</code></a> Merge branch '2.18' into 2.19</li> <li><a href="https://github.com/FasterXML/jackson-dataformats-text/commit/a9c10320d00798134357fd417f52d65939e2c177"><code>a9c1032</code></a> Backport <a href="https://redirect.github.com/FasterXML/jackson-dataformats-text/issues/615">#615</a> fix in 2.18 (<a href="https://redirect.github.com/FasterXML/jackson-dataformats-text/issues/617">#617</a>)</li> <li><a href="https://github.com/FasterXML/jackson-dataformats-text/commit/efb186c2c0742b9a8cc7a99878f6e735e39a45b2"><code>efb186c</code></a> Post-release dep version bump</li> <li>Additional commits viewable in <a href="https://github.com/FasterXML/jackson-dataformats-text/compare/jackson-dataformats-text-2.21.1...jackson-dataformats-text-2.21.2">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…34.1 (#1025) Bumps [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) from 4.34.0 to 4.34.1. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/protocolbuffers/protobuf/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…24.Final (#1026) Bumps [io.undertow:undertow-core](https://github.com/undertow-io/undertow) from 2.3.23.Final to 2.3.24.Final. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/undertow-io/undertow/commit/f3da6fc173365dbe4d6f2cdc55362eaf3b90a7df"><code>f3da6fc</code></a> Prepare 2.3.24.Final</li> <li><a href="https://github.com/undertow-io/undertow/commit/016557eca3d62c9cef47d6e1127477a545013d65"><code>016557e</code></a> Merge pull request <a href="https://redirect.github.com/undertow-io/undertow/issues/1940">#1940</a> from fl4via/UNDERTOW-2611_2.3.x</li> <li><a href="https://github.com/undertow-io/undertow/commit/9ccf07b63a5554e30571b5f7792fa89d306f16b4"><code>9ccf07b</code></a> [UNDERTOW-2611] Ensure max-request-size of a Multipart servlet can override a...</li> <li><a href="https://github.com/undertow-io/undertow/commit/3ac0e23ab55c60516d193a0aa94047713bc29c8f"><code>3ac0e23</code></a> Merge pull request <a href="https://redirect.github.com/undertow-io/undertow/issues/1935">#1935</a> from baranowb/UNDERTOW-2603_2.3.x</li> <li><a href="https://github.com/undertow-io/undertow/commit/d83f128f3b1d1722df71560744a554def9c9f545"><code>d83f128</code></a> [UNDERTOW-2603] Fix double cookie on quoted value</li> <li><a href="https://github.com/undertow-io/undertow/commit/7fec1a69e4c450a883f25169ee6fd044c3f10009"><code>7fec1a6</code></a> Merge pull request <a href="https://redirect.github.com/undertow-io/undertow/issues/1927">#1927</a> from fl4via/backport-fixes_2.3.x</li> <li><a href="https://github.com/undertow-io/undertow/commit/92bdd67d29cb3379b5924ee42df14af9ad4ef256"><code>92bdd67</code></a> [UNDERTOW-2536] Fix include parameters on error and add rudimentary test</li> <li><a href="https://github.com/undertow-io/undertow/commit/0fde4fd4f21c4b7cb0ab5305dc91d2894553ca89"><code>0fde4fd</code></a> [UNDERTOW-2575] Add flush before socket close on write timeout</li> <li><a href="https://github.com/undertow-io/undertow/commit/a5d01727f51c6db5cd6bbf9309166709ab272d0c"><code>a5d0172</code></a> [UNDERTOW-2521] Rename AjpClientConnection#connection to avoid confusion</li> <li><a href="https://github.com/undertow-io/undertow/commit/5cfe721cd0b13eeb8347ca31df46aaa6093932e6"><code>5cfe721</code></a> [UNDERTOW-2705] Fix Http2ServerConnection.pushResource, where the default MAX...</li> <li>Additional commits viewable in <a href="https://github.com/undertow-io/undertow/compare/2.3.23.Final...2.3.24.Final">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `awssdk.version` from 2.42.17 to 2.42.18. Updates `software.amazon.awssdk:s3` from 2.42.17 to 2.42.18 Updates `software.amazon.awssdk:lambda` from 2.42.17 to 2.42.18 Updates `software.amazon.awssdk:ses` from 2.42.17 to 2.42.18 Updates `software.amazon.awssdk:cloudwatch` from 2.42.17 to 2.42.18 Updates `software.amazon.awssdk:costexplorer` from 2.42.17 to 2.42.18 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `awssdk.version` from 2.42.18 to 2.42.19. Updates `software.amazon.awssdk:s3` from 2.42.18 to 2.42.19 Updates `software.amazon.awssdk:lambda` from 2.42.18 to 2.42.19 Updates `software.amazon.awssdk:ses` from 2.42.18 to 2.42.19 Updates `software.amazon.awssdk:cloudwatch` from 2.42.18 to 2.42.19 Updates `software.amazon.awssdk:costexplorer` from 2.42.18 to 2.42.19 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `netty.version` from 4.2.10.Final to 4.2.11.Final. Updates `io.netty:netty-bom` from 4.2.10.Final to 4.2.11.Final <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/netty/netty/releases">io.netty:netty-bom's releases</a>.</em></p> <blockquote> <h2>netty-4.2.11.Final</h2> <h2>Security</h2> <ul> <li>CVE-2026-33871, <a href="https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv">HTTP/2 CONTINUATION Frame Flood Denial of Service</a></li> <li>CVE-2026-33870, <a href="https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8">HTTP Request Smuggling via Chunked Extension Quoted-String Parsing</a></li> </ul> <h2>What's Changed</h2> <ul> <li>Update to latest JDK 26 EA release by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16230">netty/netty#16230</a></li> <li>HTTP3: Allow to support non-standard HTTP3 settings by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16171">netty/netty#16171</a></li> <li>Fix Incorrect nanos-to-millis conversion in epoll_wait EINTR retry loop by <a href="https://github.com/adwsingh"><code>@adwsingh</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16245">netty/netty#16245</a></li> <li>Allocate one large segment and slice for each MsgHdrMemory by <a href="https://github.com/dreamlike-ocean"><code>@dreamlike-ocean</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16234">netty/netty#16234</a></li> <li>Make RefCntOpenSslContext.deallocate more robust by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16253">netty/netty#16253</a></li> <li>Epoll: Fix excessive CPU usage when Channel is only registered but no… by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16250">netty/netty#16250</a></li> <li>Update to gcc for arm 10.3-2021.07 by <a href="https://github.com/m1ngyuan"><code>@m1ngyuan</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16255">netty/netty#16255</a></li> <li>Add acmeIdentifier extension support to pkitesting by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16256">netty/netty#16256</a></li> <li>Update JDK versions to latest patch releases by <a href="https://github.com/m1ngyuan"><code>@m1ngyuan</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16254">netty/netty#16254</a></li> <li>Avoid allocation in HttpObjectEncoder.addEncodedLengthHex method by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16241">netty/netty#16241</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16269">netty/netty#16269</a></li> <li>Revert "Automatic backporting workflow from 4.1 to 4.2" by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16270">netty/netty#16270</a></li> <li>HTTP2: Correctly account for padding when decompress by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16264">netty/netty#16264</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16271">netty/netty#16271</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16273">netty/netty#16273</a></li> <li>Backport PRs must be created with personal access tokens by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16276">netty/netty#16276</a></li> <li>Expose QuicSslContextBuilder::sni by <a href="https://github.com/ZeroErrors"><code>@ZeroErrors</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16178">netty/netty#16178</a></li> <li>Add more porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16275">netty/netty#16275</a></li> <li>Add more porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16283">netty/netty#16283</a></li> <li>Remove the unpooled allocator from test permutations by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16282">netty/netty#16282</a></li> <li>Some polishing of the porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16288">netty/netty#16288</a></li> <li>Allow to set destination connection id when creating a client side QuicheChannel by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16286">netty/netty#16286</a></li> <li>Update to latest JDK26 EA build by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16295">netty/netty#16295</a></li> <li>Add javadoc to clarify responsibility of the user when generating the remote connection id by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16293">netty/netty#16293</a></li> <li>Make the build run faster by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16290">netty/netty#16290</a></li> <li>Fix IDE warnings in SslHandler by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16237">netty/netty#16237</a></li> <li>Decrease Long allocations and map.put calls in ReferenceCountedOpenSllEngine in handshake() method by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16242">netty/netty#16242</a></li> <li>Support boringssl SSLCredential API by <a href="https://github.com/jmcrawford45"><code>@jmcrawford45</code></a> in <a href="https://redirect.github.com/netty/netty/pull/15919">netty/netty#15919</a></li> <li>Fix high-order bit aliasing in HttpUtil.validateToken by <a href="https://github.com/furkanvarol"><code>@furkanvarol</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16279">netty/netty#16279</a></li> <li>Improve multi-byte access performance when UNALIGNED availability is unknown by <a href="https://github.com/Songdoeon"><code>@Songdoeon</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16207">netty/netty#16207</a></li> <li>Avoid unnecessary SSL.getVersion() call and string allocation in ReferenceCountedOpenSslEngine by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16278">netty/netty#16278</a></li> <li>Support more branch freedom for auto-porting by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16300">netty/netty#16300</a></li> <li>fix: the precedence of + is higher than >> by <a href="https://github.com/cuiweixie"><code>@cuiweixie</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16312">netty/netty#16312</a></li> <li>AdaptiveByteBufAllocator: make sure byteBuf.capacity() not greater than byteBuf.maxCapacity() by <a href="https://github.com/laosijikaichele"><code>@laosijikaichele</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16309">netty/netty#16309</a></li> <li>Fix flaky PooledByteBufAllocatorTest by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16313">netty/netty#16313</a></li> <li>Fix pooled arena accounting tests by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16321">netty/netty#16321</a></li> <li>Fix RunInFastThreadLocalThreadExtension by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16314">netty/netty#16314</a></li> <li>AdaptivePoolingAllocator: call <code>unreserveMatchingBuddy(...)</code> if <code>byteBuf</code> initialization failed by <a href="https://github.com/laosijikaichele"><code>@laosijikaichele</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16327">netty/netty#16327</a></li> <li>Recycler should not use thread locals unless they get cleaned up by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16315">netty/netty#16315</a></li> <li>OpenSSL: Don't leak OpenSslKeyManagerProvider on exception by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16337">netty/netty#16337</a></li> <li>IoUring: Only complete deregistration promise once we received all co… by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16330">netty/netty#16330</a></li> <li>Mark LoggingHandlerTest with <a href="https://github.com/Isolated"><code>@Isolated</code></a> to fix flaky build by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16338">netty/netty#16338</a></li> <li>Fix flaky HTTP/2 test by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16342">netty/netty#16342</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/netty/netty/commit/c94a8180e749f694fb76963dd494bae17c31aff6"><code>c94a818</code></a> [maven-release-plugin] prepare release netty-4.2.11.Final</li> <li><a href="https://github.com/netty/netty/commit/3b76df185678353733aa21702d6be16130d188a0"><code>3b76df1</code></a> Merge commit from fork</li> <li><a href="https://github.com/netty/netty/commit/aae944a19eb036993fc47c4b40639476f519deaf"><code>aae944a</code></a> Auto-port 4.2: Limit the number of Continuation frames per HTTP2 Headers (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/60014996491c41d91c26f80bca096610f34fc858"><code>6001499</code></a> Eliminate redundant bounds checks in CompositeByteBuf accessors (<a href="https://redirect.github.com/netty/netty/issues/16525">#16525</a>)</li> <li><a href="https://github.com/netty/netty/commit/a7fbb6f84625ef29733a1506ed3520e3c21d5247"><code>a7fbb6f</code></a> JdkZlibDecoder: accumulate decompressed output before firing channelRead (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/7937553d8f49e17b064f57b1414907aed8e3be3d"><code>7937553</code></a> Enforce io.netty.maxDirectMemory accounting on all Java versions (<a href="https://redirect.github.com/netty/netty/issues/16489">#16489</a>)</li> <li><a href="https://github.com/netty/netty/commit/893ea2ea6c35c9e1812e5d331530b88d8690022b"><code>893ea2e</code></a> Allocate less in QueryStringDecoder.addParam for typical use case (<a href="https://redirect.github.com/netty/netty/issues/16527">#16527</a>)</li> <li><a href="https://github.com/netty/netty/commit/8f744ecfabbe3f5e96a5adfcaf9966525a856f09"><code>8f744ec</code></a> Replace <code>ClosedChannelException</code> with <code>StacklessClosedChannelException</code> (<a href="https://redirect.github.com/netty/netty/issues/16506">#16506</a>)</li> <li><a href="https://github.com/netty/netty/commit/4d7b70dc2a6417790038f70f230fa9d94f7597da"><code>4d7b70d</code></a> Fix docker image for cross-compiling (<a href="https://redirect.github.com/netty/netty/issues/16522">#16522</a>)</li> <li><a href="https://github.com/netty/netty/commit/cfd0d9a023d405e9c3aa96cca2f4fc4d1948c766"><code>cfd0d9a</code></a> Epoll / IoUring: setTcpMg5Sig(...) might overflow (<a href="https://redirect.github.com/netty/netty/issues/16511">#16511</a>)</li> <li>Additional commits viewable in <a href="https://github.com/netty/netty/compare/netty-4.2.10.Final...netty-4.2.11.Final">compare view</a></li> </ul> </details> <br /> Updates `io.netty:netty-all` from 4.2.10.Final to 4.2.11.Final <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/netty/netty/releases">io.netty:netty-all's releases</a>.</em></p> <blockquote> <h2>netty-4.2.11.Final</h2> <h2>Security</h2> <ul> <li>CVE-2026-33871, <a href="https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv">HTTP/2 CONTINUATION Frame Flood Denial of Service</a></li> <li>CVE-2026-33870, <a href="https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8">HTTP Request Smuggling via Chunked Extension Quoted-String Parsing</a></li> </ul> <h2>What's Changed</h2> <ul> <li>Update to latest JDK 26 EA release by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16230">netty/netty#16230</a></li> <li>HTTP3: Allow to support non-standard HTTP3 settings by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16171">netty/netty#16171</a></li> <li>Fix Incorrect nanos-to-millis conversion in epoll_wait EINTR retry loop by <a href="https://github.com/adwsingh"><code>@adwsingh</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16245">netty/netty#16245</a></li> <li>Allocate one large segment and slice for each MsgHdrMemory by <a href="https://github.com/dreamlike-ocean"><code>@dreamlike-ocean</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16234">netty/netty#16234</a></li> <li>Make RefCntOpenSslContext.deallocate more robust by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16253">netty/netty#16253</a></li> <li>Epoll: Fix excessive CPU usage when Channel is only registered but no… by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16250">netty/netty#16250</a></li> <li>Update to gcc for arm 10.3-2021.07 by <a href="https://github.com/m1ngyuan"><code>@m1ngyuan</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16255">netty/netty#16255</a></li> <li>Add acmeIdentifier extension support to pkitesting by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16256">netty/netty#16256</a></li> <li>Update JDK versions to latest patch releases by <a href="https://github.com/m1ngyuan"><code>@m1ngyuan</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16254">netty/netty#16254</a></li> <li>Avoid allocation in HttpObjectEncoder.addEncodedLengthHex method by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16241">netty/netty#16241</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16269">netty/netty#16269</a></li> <li>Revert "Automatic backporting workflow from 4.1 to 4.2" by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16270">netty/netty#16270</a></li> <li>HTTP2: Correctly account for padding when decompress by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16264">netty/netty#16264</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16271">netty/netty#16271</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16273">netty/netty#16273</a></li> <li>Backport PRs must be created with personal access tokens by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16276">netty/netty#16276</a></li> <li>Expose QuicSslContextBuilder::sni by <a href="https://github.com/ZeroErrors"><code>@ZeroErrors</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16178">netty/netty#16178</a></li> <li>Add more porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16275">netty/netty#16275</a></li> <li>Add more porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16283">netty/netty#16283</a></li> <li>Remove the unpooled allocator from test permutations by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16282">netty/netty#16282</a></li> <li>Some polishing of the porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16288">netty/netty#16288</a></li> <li>Allow to set destination connection id when creating a client side QuicheChannel by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16286">netty/netty#16286</a></li> <li>Update to latest JDK26 EA build by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16295">netty/netty#16295</a></li> <li>Add javadoc to clarify responsibility of the user when generating the remote connection id by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16293">netty/netty#16293</a></li> <li>Make the build run faster by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16290">netty/netty#16290</a></li> <li>Fix IDE warnings in SslHandler by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16237">netty/netty#16237</a></li> <li>Decrease Long allocations and map.put calls in ReferenceCountedOpenSllEngine in handshake() method by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16242">netty/netty#16242</a></li> <li>Support boringssl SSLCredential API by <a href="https://github.com/jmcrawford45"><code>@jmcrawford45</code></a> in <a href="https://redirect.github.com/netty/netty/pull/15919">netty/netty#15919</a></li> <li>Fix high-order bit aliasing in HttpUtil.validateToken by <a href="https://github.com/furkanvarol"><code>@furkanvarol</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16279">netty/netty#16279</a></li> <li>Improve multi-byte access performance when UNALIGNED availability is unknown by <a href="https://github.com/Songdoeon"><code>@Songdoeon</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16207">netty/netty#16207</a></li> <li>Avoid unnecessary SSL.getVersion() call and string allocation in ReferenceCountedOpenSslEngine by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16278">netty/netty#16278</a></li> <li>Support more branch freedom for auto-porting by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16300">netty/netty#16300</a></li> <li>fix: the precedence of + is higher than >> by <a href="https://github.com/cuiweixie"><code>@cuiweixie</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16312">netty/netty#16312</a></li> <li>AdaptiveByteBufAllocator: make sure byteBuf.capacity() not greater than byteBuf.maxCapacity() by <a href="https://github.com/laosijikaichele"><code>@laosijikaichele</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16309">netty/netty#16309</a></li> <li>Fix flaky PooledByteBufAllocatorTest by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16313">netty/netty#16313</a></li> <li>Fix pooled arena accounting tests by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16321">netty/netty#16321</a></li> <li>Fix RunInFastThreadLocalThreadExtension by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16314">netty/netty#16314</a></li> <li>AdaptivePoolingAllocator: call <code>unreserveMatchingBuddy(...)</code> if <code>byteBuf</code> initialization failed by <a href="https://github.com/laosijikaichele"><code>@laosijikaichele</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16327">netty/netty#16327</a></li> <li>Recycler should not use thread locals unless they get cleaned up by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16315">netty/netty#16315</a></li> <li>OpenSSL: Don't leak OpenSslKeyManagerProvider on exception by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16337">netty/netty#16337</a></li> <li>IoUring: Only complete deregistration promise once we received all co… by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16330">netty/netty#16330</a></li> <li>Mark LoggingHandlerTest with <a href="https://github.com/Isolated"><code>@Isolated</code></a> to fix flaky build by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16338">netty/netty#16338</a></li> <li>Fix flaky HTTP/2 test by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16342">netty/netty#16342</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/netty/netty/commit/c94a8180e749f694fb76963dd494bae17c31aff6"><code>c94a818</code></a> [maven-release-plugin] prepare release netty-4.2.11.Final</li> <li><a href="https://github.com/netty/netty/commit/3b76df185678353733aa21702d6be16130d188a0"><code>3b76df1</code></a> Merge commit from fork</li> <li><a href="https://github.com/netty/netty/commit/aae944a19eb036993fc47c4b40639476f519deaf"><code>aae944a</code></a> Auto-port 4.2: Limit the number of Continuation frames per HTTP2 Headers (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/60014996491c41d91c26f80bca096610f34fc858"><code>6001499</code></a> Eliminate redundant bounds checks in CompositeByteBuf accessors (<a href="https://redirect.github.com/netty/netty/issues/16525">#16525</a>)</li> <li><a href="https://github.com/netty/netty/commit/a7fbb6f84625ef29733a1506ed3520e3c21d5247"><code>a7fbb6f</code></a> JdkZlibDecoder: accumulate decompressed output before firing channelRead (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/7937553d8f49e17b064f57b1414907aed8e3be3d"><code>7937553</code></a> Enforce io.netty.maxDirectMemory accounting on all Java versions (<a href="https://redirect.github.com/netty/netty/issues/16489">#16489</a>)</li> <li><a href="https://github.com/netty/netty/commit/893ea2ea6c35c9e1812e5d331530b88d8690022b"><code>893ea2e</code></a> Allocate less in QueryStringDecoder.addParam for typical use case (<a href="https://redirect.github.com/netty/netty/issues/16527">#16527</a>)</li> <li><a href="https://github.com/netty/netty/commit/8f744ecfabbe3f5e96a5adfcaf9966525a856f09"><code>8f744ec</code></a> Replace <code>ClosedChannelException</code> with <code>StacklessClosedChannelException</code> (<a href="https://redirect.github.com/netty/netty/issues/16506">#16506</a>)</li> <li><a href="https://github.com/netty/netty/commit/4d7b70dc2a6417790038f70f230fa9d94f7597da"><code>4d7b70d</code></a> Fix docker image for cross-compiling (<a href="https://redirect.github.com/netty/netty/issues/16522">#16522</a>)</li> <li><a href="https://github.com/netty/netty/commit/cfd0d9a023d405e9c3aa96cca2f4fc4d1948c766"><code>cfd0d9a</code></a> Epoll / IoUring: setTcpMg5Sig(...) might overflow (<a href="https://redirect.github.com/netty/netty/issues/16511">#16511</a>)</li> <li>Additional commits viewable in <a href="https://github.com/netty/netty/compare/netty-4.2.10.Final...netty-4.2.11.Final">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `netty.version` from 4.2.10.Final to 4.2.12.Final. Updates `io.netty:netty-all` from 4.2.10.Final to 4.2.12.Final <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/netty/netty/releases">io.netty:netty-all's releases</a>.</em></p> <blockquote> <h2>netty-4.2.12.Final</h2> <h2>What's Changed</h2> <ul> <li>Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16550">netty/netty#16550</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final">https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final</a></p> <h2>netty-4.2.11.Final</h2> <h2>Security</h2> <ul> <li>CVE-2026-33871, <a href="https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv">HTTP/2 CONTINUATION Frame Flood Denial of Service</a></li> <li>CVE-2026-33870, <a href="https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8">HTTP Request Smuggling via Chunked Extension Quoted-String Parsing</a></li> </ul> <h2>What's Changed</h2> <ul> <li>Update to latest JDK 26 EA release by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16230">netty/netty#16230</a></li> <li>HTTP3: Allow to support non-standard HTTP3 settings by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16171">netty/netty#16171</a></li> <li>Fix Incorrect nanos-to-millis conversion in epoll_wait EINTR retry loop by <a href="https://github.com/adwsingh"><code>@adwsingh</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16245">netty/netty#16245</a></li> <li>Allocate one large segment and slice for each MsgHdrMemory by <a href="https://github.com/dreamlike-ocean"><code>@dreamlike-ocean</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16234">netty/netty#16234</a></li> <li>Make RefCntOpenSslContext.deallocate more robust by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16253">netty/netty#16253</a></li> <li>Epoll: Fix excessive CPU usage when Channel is only registered but no… by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16250">netty/netty#16250</a></li> <li>Update to gcc for arm 10.3-2021.07 by <a href="https://github.com/m1ngyuan"><code>@m1ngyuan</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16255">netty/netty#16255</a></li> <li>Add acmeIdentifier extension support to pkitesting by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16256">netty/netty#16256</a></li> <li>Update JDK versions to latest patch releases by <a href="https://github.com/m1ngyuan"><code>@m1ngyuan</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16254">netty/netty#16254</a></li> <li>Avoid allocation in HttpObjectEncoder.addEncodedLengthHex method by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16241">netty/netty#16241</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16269">netty/netty#16269</a></li> <li>Revert "Automatic backporting workflow from 4.1 to 4.2" by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16270">netty/netty#16270</a></li> <li>HTTP2: Correctly account for padding when decompress by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16264">netty/netty#16264</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16271">netty/netty#16271</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16273">netty/netty#16273</a></li> <li>Backport PRs must be created with personal access tokens by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16276">netty/netty#16276</a></li> <li>Expose QuicSslContextBuilder::sni by <a href="https://github.com/ZeroErrors"><code>@ZeroErrors</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16178">netty/netty#16178</a></li> <li>Add more porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16275">netty/netty#16275</a></li> <li>Add more porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16283">netty/netty#16283</a></li> <li>Remove the unpooled allocator from test permutations by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16282">netty/netty#16282</a></li> <li>Some polishing of the porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16288">netty/netty#16288</a></li> <li>Allow to set destination connection id when creating a client side QuicheChannel by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16286">netty/netty#16286</a></li> <li>Update to latest JDK26 EA build by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16295">netty/netty#16295</a></li> <li>Add javadoc to clarify responsibility of the user when generating the remote connection id by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16293">netty/netty#16293</a></li> <li>Make the build run faster by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16290">netty/netty#16290</a></li> <li>Fix IDE warnings in SslHandler by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16237">netty/netty#16237</a></li> <li>Decrease Long allocations and map.put calls in ReferenceCountedOpenSllEngine in handshake() method by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16242">netty/netty#16242</a></li> <li>Support boringssl SSLCredential API by <a href="https://github.com/jmcrawford45"><code>@jmcrawford45</code></a> in <a href="https://redirect.github.com/netty/netty/pull/15919">netty/netty#15919</a></li> <li>Fix high-order bit aliasing in HttpUtil.validateToken by <a href="https://github.com/furkanvarol"><code>@furkanvarol</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16279">netty/netty#16279</a></li> <li>Improve multi-byte access performance when UNALIGNED availability is unknown by <a href="https://github.com/Songdoeon"><code>@Songdoeon</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16207">netty/netty#16207</a></li> <li>Avoid unnecessary SSL.getVersion() call and string allocation in ReferenceCountedOpenSslEngine by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16278">netty/netty#16278</a></li> <li>Support more branch freedom for auto-porting by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16300">netty/netty#16300</a></li> <li>fix: the precedence of + is higher than >> by <a href="https://github.com/cuiweixie"><code>@cuiweixie</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16312">netty/netty#16312</a></li> <li>AdaptiveByteBufAllocator: make sure byteBuf.capacity() not greater than byteBuf.maxCapacity() by <a href="https://github.com/laosijikaichele"><code>@laosijikaichele</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16309">netty/netty#16309</a></li> <li>Fix flaky PooledByteBufAllocatorTest by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16313">netty/netty#16313</a></li> <li>Fix pooled arena accounting tests by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16321">netty/netty#16321</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/netty/netty/commit/67ce541e4692853e24fc506466960db35bb64914"><code>67ce541</code></a> [maven-release-plugin] prepare release netty-4.2.12.Final</li> <li><a href="https://github.com/netty/netty/commit/7074624644b79f4e97081bd58a58ed135962b8c2"><code>7074624</code></a> Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/c3b0a43442dbf84e3eb161d5f252623f832f1579"><code>c3b0a43</code></a> [maven-release-plugin] prepare for next development iteration</li> <li><a href="https://github.com/netty/netty/commit/c94a8180e749f694fb76963dd494bae17c31aff6"><code>c94a818</code></a> [maven-release-plugin] prepare release netty-4.2.11.Final</li> <li><a href="https://github.com/netty/netty/commit/3b76df185678353733aa21702d6be16130d188a0"><code>3b76df1</code></a> Merge commit from fork</li> <li><a href="https://github.com/netty/netty/commit/aae944a19eb036993fc47c4b40639476f519deaf"><code>aae944a</code></a> Auto-port 4.2: Limit the number of Continuation frames per HTTP2 Headers (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/60014996491c41d91c26f80bca096610f34fc858"><code>6001499</code></a> Eliminate redundant bounds checks in CompositeByteBuf accessors (<a href="https://redirect.github.com/netty/netty/issues/16525">#16525</a>)</li> <li><a href="https://github.com/netty/netty/commit/a7fbb6f84625ef29733a1506ed3520e3c21d5247"><code>a7fbb6f</code></a> JdkZlibDecoder: accumulate decompressed output before firing channelRead (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/7937553d8f49e17b064f57b1414907aed8e3be3d"><code>7937553</code></a> Enforce io.netty.maxDirectMemory accounting on all Java versions (<a href="https://redirect.github.com/netty/netty/issues/16489">#16489</a>)</li> <li><a href="https://github.com/netty/netty/commit/893ea2ea6c35c9e1812e5d331530b88d8690022b"><code>893ea2e</code></a> Allocate less in QueryStringDecoder.addParam for typical use case (<a href="https://redirect.github.com/netty/netty/issues/16527">#16527</a>)</li> <li>Additional commits viewable in <a href="https://github.com/netty/netty/compare/netty-4.2.10.Final...netty-4.2.12.Final">compare view</a></li> </ul> </details> <br /> Updates `io.netty:netty-codec-http` from 4.2.10.Final to 4.2.12.Final <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/netty/netty/releases">io.netty:netty-codec-http's releases</a>.</em></p> <blockquote> <h2>netty-4.2.12.Final</h2> <h2>What's Changed</h2> <ul> <li>Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16550">netty/netty#16550</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final">https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final</a></p> <h2>netty-4.2.11.Final</h2> <h2>Security</h2> <ul> <li>CVE-2026-33871, <a href="https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv">HTTP/2 CONTINUATION Frame Flood Denial of Service</a></li> <li>CVE-2026-33870, <a href="https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8">HTTP Request Smuggling via Chunked Extension Quoted-String Parsing</a></li> </ul> <h2>What's Changed</h2> <ul> <li>Update to latest JDK 26 EA release by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16230">netty/netty#16230</a></li> <li>HTTP3: Allow to support non-standard HTTP3 settings by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16171">netty/netty#16171</a></li> <li>Fix Incorrect nanos-to-millis conversion in epoll_wait EINTR retry loop by <a href="https://github.com/adwsingh"><code>@adwsingh</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16245">netty/netty#16245</a></li> <li>Allocate one large segment and slice for each MsgHdrMemory by <a href="https://github.com/dreamlike-ocean"><code>@dreamlike-ocean</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16234">netty/netty#16234</a></li> <li>Make RefCntOpenSslContext.deallocate more robust by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16253">netty/netty#16253</a></li> <li>Epoll: Fix excessive CPU usage when Channel is only registered but no… by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16250">netty/netty#16250</a></li> <li>Update to gcc for arm 10.3-2021.07 by <a href="https://github.com/m1ngyuan"><code>@m1ngyuan</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16255">netty/netty#16255</a></li> <li>Add acmeIdentifier extension support to pkitesting by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16256">netty/netty#16256</a></li> <li>Update JDK versions to latest patch releases by <a href="https://github.com/m1ngyuan"><code>@m1ngyuan</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16254">netty/netty#16254</a></li> <li>Avoid allocation in HttpObjectEncoder.addEncodedLengthHex method by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16241">netty/netty#16241</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16269">netty/netty#16269</a></li> <li>Revert "Automatic backporting workflow from 4.1 to 4.2" by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16270">netty/netty#16270</a></li> <li>HTTP2: Correctly account for padding when decompress by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16264">netty/netty#16264</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16271">netty/netty#16271</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16273">netty/netty#16273</a></li> <li>Backport PRs must be created with personal access tokens by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16276">netty/netty#16276</a></li> <li>Expose QuicSslContextBuilder::sni by <a href="https://github.com/ZeroErrors"><code>@ZeroErrors</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16178">netty/netty#16178</a></li> <li>Add more porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16275">netty/netty#16275</a></li> <li>Add more porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16283">netty/netty#16283</a></li> <li>Remove the unpooled allocator from test permutations by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16282">netty/netty#16282</a></li> <li>Some polishing of the porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16288">netty/netty#16288</a></li> <li>Allow to set destination connection id when creating a client side QuicheChannel by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16286">netty/netty#16286</a></li> <li>Update to latest JDK26 EA build by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16295">netty/netty#16295</a></li> <li>Add javadoc to clarify responsibility of the user when generating the remote connection id by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16293">netty/netty#16293</a></li> <li>Make the build run faster by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16290">netty/netty#16290</a></li> <li>Fix IDE warnings in SslHandler by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16237">netty/netty#16237</a></li> <li>Decrease Long allocations and map.put calls in ReferenceCountedOpenSllEngine in handshake() method by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16242">netty/netty#16242</a></li> <li>Support boringssl SSLCredential API by <a href="https://github.com/jmcrawford45"><code>@jmcrawford45</code></a> in <a href="https://redirect.github.com/netty/netty/pull/15919">netty/netty#15919</a></li> <li>Fix high-order bit aliasing in HttpUtil.validateToken by <a href="https://github.com/furkanvarol"><code>@furkanvarol</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16279">netty/netty#16279</a></li> <li>Improve multi-byte access performance when UNALIGNED availability is unknown by <a href="https://github.com/Songdoeon"><code>@Songdoeon</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16207">netty/netty#16207</a></li> <li>Avoid unnecessary SSL.getVersion() call and string allocation in ReferenceCountedOpenSslEngine by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16278">netty/netty#16278</a></li> <li>Support more branch freedom for auto-porting by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16300">netty/netty#16300</a></li> <li>fix: the precedence of + is higher than >> by <a href="https://github.com/cuiweixie"><code>@cuiweixie</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16312">netty/netty#16312</a></li> <li>AdaptiveByteBufAllocator: make sure byteBuf.capacity() not greater than byteBuf.maxCapacity() by <a href="https://github.com/laosijikaichele"><code>@laosijikaichele</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16309">netty/netty#16309</a></li> <li>Fix flaky PooledByteBufAllocatorTest by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16313">netty/netty#16313</a></li> <li>Fix pooled arena accounting tests by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16321">netty/netty#16321</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/netty/netty/commit/67ce541e4692853e24fc506466960db35bb64914"><code>67ce541</code></a> [maven-release-plugin] prepare release netty-4.2.12.Final</li> <li><a href="https://github.com/netty/netty/commit/7074624644b79f4e97081bd58a58ed135962b8c2"><code>7074624</code></a> Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/c3b0a43442dbf84e3eb161d5f252623f832f1579"><code>c3b0a43</code></a> [maven-release-plugin] prepare for next development iteration</li> <li><a href="https://github.com/netty/netty/commit/c94a8180e749f694fb76963dd494bae17c31aff6"><code>c94a818</code></a> [maven-release-plugin] prepare release netty-4.2.11.Final</li> <li><a href="https://github.com/netty/netty/commit/3b76df185678353733aa21702d6be16130d188a0"><code>3b76df1</code></a> Merge commit from fork</li> <li><a href="https://github.com/netty/netty/commit/aae944a19eb036993fc47c4b40639476f519deaf"><code>aae944a</code></a> Auto-port 4.2: Limit the number of Continuation frames per HTTP2 Headers (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/60014996491c41d91c26f80bca096610f34fc858"><code>6001499</code></a> Eliminate redundant bounds checks in CompositeByteBuf accessors (<a href="https://redirect.github.com/netty/netty/issues/16525">#16525</a>)</li> <li><a href="https://github.com/netty/netty/commit/a7fbb6f84625ef29733a1506ed3520e3c21d5247"><code>a7fbb6f</code></a> JdkZlibDecoder: accumulate decompressed output before firing channelRead (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/7937553d8f49e17b064f57b1414907aed8e3be3d"><code>7937553</code></a> Enforce io.netty.maxDirectMemory accounting on all Java versions (<a href="https://redirect.github.com/netty/netty/issues/16489">#16489</a>)</li> <li><a href="https://github.com/netty/netty/commit/893ea2ea6c35c9e1812e5d331530b88d8690022b"><code>893ea2e</code></a> Allocate less in QueryStringDecoder.addParam for typical use case (<a href="https://redirect.github.com/netty/netty/issues/16527">#16527</a>)</li> <li>Additional commits viewable in <a href="https://github.com/netty/netty/compare/netty-4.2.10.Final...netty-4.2.12.Final">compare view</a></li> </ul> </details> <br /> Updates `io.netty:netty-codec-http2` from 4.2.10.Final to 4.2.12.Final <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/netty/netty/releases">io.netty:netty-codec-http2's releases</a>.</em></p> <blockquote> <h2>netty-4.2.12.Final</h2> <h2>What's Changed</h2> <ul> <li>Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16550">netty/netty#16550</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final">https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final</a></p> <h2>netty-4.2.11.Final</h2> <h2>Security</h2> <ul> <li>CVE-2026-33871, <a href="https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv">HTTP/2 CONTINUATION Frame Flood Denial of Service</a></li> <li>CVE-2026-33870, <a href="https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8">HTTP Request Smuggling via Chunked Extension Quoted-String Parsing</a></li> </ul> <h2>What's Changed</h2> <ul> <li>Update to latest JDK 26 EA release by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16230">netty/netty#16230</a></li> <li>HTTP3: Allow to support non-standard HTTP3 settings by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16171">netty/netty#16171</a></li> <li>Fix Incorrect nanos-to-millis conversion in epoll_wait EINTR retry loop by <a href="https://github.com/adwsingh"><code>@adwsingh</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16245">netty/netty#16245</a></li> <li>Allocate one large segment and slice for each MsgHdrMemory by <a href="https://github.com/dreamlike-ocean"><code>@dreamlike-ocean</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16234">netty/netty#16234</a></li> <li>Make RefCntOpenSslContext.deallocate more robust by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16253">netty/netty#16253</a></li> <li>Epoll: Fix excessive CPU usage when Channel is only registered but no… by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16250">netty/netty#16250</a></li> <li>Update to gcc for arm 10.3-2021.07 by <a href="https://github.com/m1ngyuan"><code>@m1ngyuan</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16255">netty/netty#16255</a></li> <li>Add acmeIdentifier extension support to pkitesting by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16256">netty/netty#16256</a></li> <li>Update JDK versions to latest patch releases by <a href="https://github.com/m1ngyuan"><code>@m1ngyuan</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16254">netty/netty#16254</a></li> <li>Avoid allocation in HttpObjectEncoder.addEncodedLengthHex method by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16241">netty/netty#16241</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16269">netty/netty#16269</a></li> <li>Revert "Automatic backporting workflow from 4.1 to 4.2" by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16270">netty/netty#16270</a></li> <li>HTTP2: Correctly account for padding when decompress by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16264">netty/netty#16264</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16271">netty/netty#16271</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16273">netty/netty#16273</a></li> <li>Backport PRs must be created with personal access tokens by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16276">netty/netty#16276</a></li> <li>Expose QuicSslContextBuilder::sni by <a href="https://github.com/ZeroErrors"><code>@ZeroErrors</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16178">netty/netty#16178</a></li> <li>Add more porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16275">netty/netty#16275</a></li> <li>Add more porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16283">netty/netty#16283</a></li> <li>Remove the unpooled allocator from test permutations by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16282">netty/netty#16282</a></li> <li>Some polishing of the porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16288">netty/netty#16288</a></li> <li>Allow to set destination connection id when creating a client side QuicheChannel by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16286">netty/netty#16286</a></li> <li>Update to latest JDK26 EA build by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16295">netty/netty#16295</a></li> <li>Add javadoc to clarify responsibility of the user when generating the remote connection id by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16293">netty/netty#16293</a></li> <li>Make the build run faster by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16290">netty/netty#16290</a></li> <li>Fix IDE warnings in SslHandler by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16237">netty/netty#16237</a></li> <li>Decrease Long allocations and map.put calls in ReferenceCountedOpenSllEngine in handshake() method by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16242">netty/netty#16242</a></li> <li>Support boringssl SSLCredential API by <a href="https://github.com/jmcrawford45"><code>@jmcrawford45</code></a> in <a href="https://redirect.github.com/netty/netty/pull/15919">netty/netty#15919</a></li> <li>Fix high-order bit aliasing in HttpUtil.validateToken by <a href="https://github.com/furkanvarol"><code>@furkanvarol</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16279">netty/netty#16279</a></li> <li>Improve multi-byte access performance when UNALIGNED availability is unknown by <a href="https://github.com/Songdoeon"><code>@Songdoeon</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16207">netty/netty#16207</a></li> <li>Avoid unnecessary SSL.getVersion() call and string allocation in ReferenceCountedOpenSslEngine by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16278">netty/netty#16278</a></li> <li>Support more branch freedom for auto-porting by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16300">netty/netty#16300</a></li> <li>fix: the precedence of + is higher than >> by <a href="https://github.com/cuiweixie"><code>@cuiweixie</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16312">netty/netty#16312</a></li> <li>AdaptiveByteBufAllocator: make sure byteBuf.capacity() not greater than byteBuf.maxCapacity() by <a href="https://github.com/laosijikaichele"><code>@laosijikaichele</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16309">netty/netty#16309</a></li> <li>Fix flaky PooledByteBufAllocatorTest by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16313">netty/netty#16313</a></li> <li>Fix pooled arena accounting tests by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16321">netty/netty#16321</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/netty/netty/commit/67ce541e4692853e24fc506466960db35bb64914"><code>67ce541</code></a> [maven-release-plugin] prepare release netty-4.2.12.Final</li> <li><a href="https://github.com/netty/netty/commit/7074624644b79f4e97081bd58a58ed135962b8c2"><code>7074624</code></a> Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/c3b0a43442dbf84e3eb161d5f252623f832f1579"><code>c3b0a43</code></a> [maven-release-plugin] prepare for next development iteration</li> <li><a href="https://github.com/netty/netty/commit/c94a8180e749f694fb76963dd494bae17c31aff6"><code>c94a818</code></a> [maven-release-plugin] prepare release netty-4.2.11.Final</li> <li><a href="https://github.com/netty/netty/commit/3b76df185678353733aa21702d6be16130d188a0"><code>3b76df1</code></a> Merge commit from fork</li> <li><a href="https://github.com/netty/netty/commit/aae944a19eb036993fc47c4b40639476f519deaf"><code>aae944a</code></a> Auto-port 4.2: Limit the number of Continuation frames per HTTP2 Headers (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/60014996491c41d91c26f80bca096610f34fc858"><code>6001499</code></a> Eliminate redundant bounds checks in CompositeByteBuf accessors (<a href="https://redirect.github.com/netty/netty/issues/16525">#16525</a>)</li> <li><a href="https://github.com/netty/netty/commit/a7fbb6f84625ef29733a1506ed3520e3c21d5247"><code>a7fbb6f</code></a> JdkZlibDecoder: accumulate decompressed output before firing channelRead (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/7937553d8f49e17b064f57b1414907aed8e3be3d"><code>7937553</code></a> Enforce io.netty.maxDirectMemory accounting on all Java versions (<a href="https://redirect.github.com/netty/netty/issues/16489">#16489</a>)</li> <li><a href="https://github.com/netty/netty/commit/893ea2ea6c35c9e1812e5d331530b88d8690022b"><code>893ea2e</code></a> Allocate less in QueryStringDecoder.addParam for typical use case (<a href="https://redirect.github.com/netty/netty/issues/16527">#16527</a>)</li> <li>Additional commits viewable in <a href="https://github.com/netty/netty/compare/netty-4.2.10.Final...netty-4.2.12.Final">compare view</a></li> </ul> </details> <br /> Updates `io.netty:netty-codec-http3` from 4.2.10.Final to 4.2.12.Final <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/netty/netty/releases">io.netty:netty-codec-http3's releases</a>.</em></p> <blockquote> <h2>netty-4.2.12.Final</h2> <h2>What's Changed</h2> <ul> <li>Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16550">netty/netty#16550</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final">https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final</a></p> <h2>netty-4.2.11.Final</h2> <h2>Security</h2> <ul> <li>CVE-2026-33871, <a href="https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv">HTTP/2 CONTINUATION Frame Flood Denial of Service</a></li> <li>CVE-2026-33870, <a href="https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8">HTTP Request Smuggling via Chunked Extension Quoted-String Parsing</a></li> </ul> <h2>What's Changed</h2> <ul> <li>Update to latest JDK 26 EA release by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16230">netty/netty#16230</a></li> <li>HTTP3: Allow to support non-standard HTTP3 settings by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16171">netty/netty#16171</a></li> <li>Fix Incorrect nanos-to-millis conversion in epoll_wait EINTR retry loop by <a href="https://github.com/adwsingh"><code>@adwsingh</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16245">netty/netty#16245</a></li> <li>Allocate one large segment and slice for each MsgHdrMemory by <a href="https://github.com/dreamlike-ocean"><code>@dreamlike-ocean</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16234">netty/netty#16234</a></li> <li>Make RefCntOpenSslContext.deallocate more robust by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16253">netty/netty#16253</a></li> <li>Epoll: Fix excessive CPU usage when Channel is only registered but no… by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16250">netty/netty#16250</a></li> <li>Update to gcc for arm 10.3-2021.07 by <a href="https://github.com/m1ngyuan"><code>@m1ngyuan</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16255">netty/netty#16255</a></li> <li>Add acmeIdentifier extension support to pkitesting by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16256">netty/netty#16256</a></li> <li>Update JDK versions to latest patch releases by <a href="https://github.com/m1ngyuan"><code>@m1ngyuan</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16254">netty/netty#16254</a></li> <li>Avoid allocation in HttpObjectEncoder.addEncodedLengthHex method by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16241">netty/netty#16241</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16269">netty/netty#16269</a></li> <li>Revert "Automatic backporting workflow from 4.1 to 4.2" by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16270">netty/netty#16270</a></li> <li>HTTP2: Correctly account for padding when decompress by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16264">netty/netty#16264</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16271">netty/netty#16271</a></li> <li>Automatic backporting workflow from 4.1 to 4.2 by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16273">netty/netty#16273</a></li> <li>Backport PRs must be created with personal access tokens by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16276">netty/netty#16276</a></li> <li>Expose QuicSslContextBuilder::sni by <a href="https://github.com/ZeroErrors"><code>@ZeroErrors</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16178">netty/netty#16178</a></li> <li>Add more porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16275">netty/netty#16275</a></li> <li>Add more porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16283">netty/netty#16283</a></li> <li>Remove the unpooled allocator from test permutations by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16282">netty/netty#16282</a></li> <li>Some polishing of the porting workflows by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16288">netty/netty#16288</a></li> <li>Allow to set destination connection id when creating a client side QuicheChannel by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16286">netty/netty#16286</a></li> <li>Update to latest JDK26 EA build by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16295">netty/netty#16295</a></li> <li>Add javadoc to clarify responsibility of the user when generating the remote connection id by <a href="https://github.com/normanmaurer"><code>@normanmaurer</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16293">netty/netty#16293</a></li> <li>Make the build run faster by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16290">netty/netty#16290</a></li> <li>Fix IDE warnings in SslHandler by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16237">netty/netty#16237</a></li> <li>Decrease Long allocations and map.put calls in ReferenceCountedOpenSllEngine in handshake() method by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16242">netty/netty#16242</a></li> <li>Support boringssl SSLCredential API by <a href="https://github.com/jmcrawford45"><code>@jmcrawford45</code></a> in <a href="https://redirect.github.com/netty/netty/pull/15919">netty/netty#15919</a></li> <li>Fix high-order bit aliasing in HttpUtil.validateToken by <a href="https://github.com/furkanvarol"><code>@furkanvarol</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16279">netty/netty#16279</a></li> <li>Improve multi-byte access performance when UNALIGNED availability is unknown by <a href="https://github.com/Songdoeon"><code>@Songdoeon</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16207">netty/netty#16207</a></li> <li>Avoid unnecessary SSL.getVersion() call and string allocation in ReferenceCountedOpenSslEngine by <a href="https://github.com/doom369"><code>@doom369</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16278">netty/netty#16278</a></li> <li>Support more branch freedom for auto-porting by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16300">netty/netty#16300</a></li> <li>fix: the precedence of + is higher than >> by <a href="https://github.com/cuiweixie"><code>@cuiweixie</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16312">netty/netty#16312</a></li> <li>AdaptiveByteBufAllocator: make sure byteBuf.capacity() not greater than byteBuf.maxCapacity() by <a href="https://github.com/laosijikaichele"><code>@laosijikaichele</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16309">netty/netty#16309</a></li> <li>Fix flaky PooledByteBufAllocatorTest by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16313">netty/netty#16313</a></li> <li>Fix pooled arena accounting tests by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16321">netty/netty#16321</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/netty/netty/commit/67ce541e4692853e24fc506466960db35bb64914"><code>67ce541</code></a> [maven-release-plugin] prepare release netty-4.2.12.Final</li> <li><a href="https://github.com/netty/netty/commit/7074624644b79f4e97081bd58a58ed135962b8c2"><code>7074624</code></a> Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/c3b0a43442dbf84e3eb161d5f252623f832f1579"><code>c3b0a43</code></a> [maven-release-plugin] prepare for next development iteration</li> <li><a href="https://github.com/netty/netty/commit/c94a8180e749f694fb76963dd494bae17c31aff6"><code>c94a818</code></a> [maven-release-plugin] prepare release netty-4.2.11.Final</li> <li><a href="https://github.com/netty/netty/commit/3b76df185678353733aa21702d6be16130d188a0"><code>3b76df1</code></a> Merge commit from fork</li> <li><a href="https://github.com/netty/netty/commit/aae944a19eb036993fc47c4b40639476f519deaf"><code>aae944a</code></a> Auto-port 4.2: Limit the number of Continuation frames per HTTP2 Headers (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/60014996491c41d91c26f80bca096610f34fc858"><code>6001499</code></a> Eliminate redundant bounds checks in CompositeByteBuf accessors (<a href="https://redirect.github.com/netty/netty/issues/16525">#16525</a>)</li> <li><a href="https://github.com/netty/netty/commit/a7fbb6f84625ef29733a1506ed3520e3c21d5247"><code>a7fbb6f</code></a> JdkZlibDecoder: accumulate decompressed output before firing channelRead (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/7937553d8f49e17b064f57b1414907aed8e3be3d"><code>7937553</code></a> Enforce io.netty.maxDirectMemory accounting on all Java versions (<a href="https://redirect.github.com/netty/netty/issues/16489">#16489</a>)</li> <li><a href="https://github.com/netty/netty/commit/893ea2ea6c35c9e1812e5d331530b88d8690022b"><code>893ea2e</code></a> Allocate less in QueryStringDecoder.addParam for typical use case (<a href="https://redirect.github.com/netty/netty/issues/16527">#16527</a>)</li> <li>Additional commits viewable in <a href="https://github.com/netty/netty/compare/netty-4.2.10.Final...netty-4.2.12.Final">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `awssdk.version` from 2.42.19 to 2.42.20. Updates `software.amazon.awssdk:s3` from 2.42.19 to 2.42.20 Updates `software.amazon.awssdk:lambda` from 2.42.19 to 2.42.20 Updates `software.amazon.awssdk:ses` from 2.42.19 to 2.42.20 Updates `software.amazon.awssdk:cloudwatch` from 2.42.19 to 2.42.20 Updates `software.amazon.awssdk:costexplorer` from 2.42.19 to 2.42.20 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `awssdk.version` from 2.42.19 to 2.42.20. Updates `software.amazon.awssdk:s3` from 2.42.19 to 2.42.20 Updates `software.amazon.awssdk:lambda` from 2.42.19 to 2.42.20 Updates `software.amazon.awssdk:ses` from 2.42.19 to 2.42.20 Updates `software.amazon.awssdk:cloudwatch` from 2.42.19 to 2.42.20 Updates `software.amazon.awssdk:costexplorer` from 2.42.19 to 2.42.20 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
) Bumps `netty.version` from 4.2.11.Final to 4.2.12.Final. Updates `io.netty:netty-bom` from 4.2.11.Final to 4.2.12.Final <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/netty/netty/releases">io.netty:netty-bom's releases</a>.</em></p> <blockquote> <h2>netty-4.2.12.Final</h2> <h2>What's Changed</h2> <ul> <li>Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16550">netty/netty#16550</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final">https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/netty/netty/commit/67ce541e4692853e24fc506466960db35bb64914"><code>67ce541</code></a> [maven-release-plugin] prepare release netty-4.2.12.Final</li> <li><a href="https://github.com/netty/netty/commit/7074624644b79f4e97081bd58a58ed135962b8c2"><code>7074624</code></a> Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/c3b0a43442dbf84e3eb161d5f252623f832f1579"><code>c3b0a43</code></a> [maven-release-plugin] prepare for next development iteration</li> <li>See full diff in <a href="https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final">compare view</a></li> </ul> </details> <br /> Updates `io.netty:netty-all` from 4.2.11.Final to 4.2.12.Final <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/netty/netty/releases">io.netty:netty-all's releases</a>.</em></p> <blockquote> <h2>netty-4.2.12.Final</h2> <h2>What's Changed</h2> <ul> <li>Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" by <a href="https://github.com/chrisvest"><code>@chrisvest</code></a> in <a href="https://redirect.github.com/netty/netty/pull/16550">netty/netty#16550</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final">https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/netty/netty/commit/67ce541e4692853e24fc506466960db35bb64914"><code>67ce541</code></a> [maven-release-plugin] prepare release netty-4.2.12.Final</li> <li><a href="https://github.com/netty/netty/commit/7074624644b79f4e97081bd58a58ed135962b8c2"><code>7074624</code></a> Revert "Eliminate redundant bounds checks in CompositeByteBuf accessors" (<a href="https://redirect.github.com/netty/netty/issues/16">#16</a>...</li> <li><a href="https://github.com/netty/netty/commit/c3b0a43442dbf84e3eb161d5f252623f832f1579"><code>c3b0a43</code></a> [maven-release-plugin] prepare for next development iteration</li> <li>See full diff in <a href="https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `awssdk.version` from 2.42.20 to 2.42.21. Updates `software.amazon.awssdk:s3` from 2.42.20 to 2.42.21 Updates `software.amazon.awssdk:lambda` from 2.42.20 to 2.42.21 Updates `software.amazon.awssdk:ses` from 2.42.19 to 2.42.21 Updates `software.amazon.awssdk:cloudwatch` from 2.42.20 to 2.42.21 Updates `software.amazon.awssdk:costexplorer` from 2.42.20 to 2.42.21 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
….5] (#1045) Bumps [org.springframework.boot:spring-boot](https://github.com/spring-projects/spring-boot) from 4.0.4 to 4.0.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot's releases</a>.</em></p> <blockquote> <h2>v4.0.5</h2> <h2>:lady_beetle: Bug Fixes</h2> <ul> <li>Test starter for Spring Integration does not include Spring Integration test module <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49784">#49784</a></li> <li>Some sliced tests that import TransactionAutoConfiguration do not import TransactionManagerCustomizationAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49782">#49782</a></li> <li>WebSocket messaging's task executors are only auto-configured and stompWebSocketHandlerMapping is only forced to be eager when using Jackson <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49753">#49753</a></li> <li>WebSocket app fails to start when Jackson is on the classpath but there's no JsonMapper bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49749">#49749</a></li> <li>Metadata annotation processor ignores method-level <code>@NestedConfigurationProperty</code> when using constructor binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49738">#49738</a></li> <li>Override of property in external 'application.properties' or 'application.yaml' is ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49731">#49731</a></li> <li>NativeImageResourceProvider does not find Flyway migration scripts in subdirectories <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49706">#49706</a></li> <li>Add <code>@ConditionalOnWebApplication</code> to NettyReactiveWebServerAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/49695">#49695</a></li> <li><code>@graphqltest</code> does not include <code>@ControllerAdvice</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49672">#49672</a></li> </ul> <h2>:notebook_with_decorative_cover: Documentation</h2> <ul> <li>Fix incorrect indefinite articles in Javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49727">#49727</a></li> <li>Add some more Kotlin examples and trivial style fixes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49714">#49714</a></li> <li>Overhaul Spring Session documentation following modularization <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49704">#49704</a></li> </ul> <h2>:hammer: Dependency Upgrades</h2> <ul> <li>Upgrade to Brave 6.3.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49763">#49763</a></li> <li>Upgrade to Jackson 2 Bom 2.21.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49764">#49764</a></li> <li>Upgrade to jOOQ 3.19.31 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49765">#49765</a></li> <li>Upgrade to Netty 4.2.12.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49794">#49794</a></li> <li>Upgrade to Tomcat 11.0.20 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49767">#49767</a></li> <li>Upgrade to Zipkin Reporter 3.5.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49762">#49762</a></li> </ul> <h2>:heart: Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/Joowon-Seo"><code>@Joowon-Seo</code></a>, <a href="https://github.com/deejay1"><code>@deejay1</code></a>, <a href="https://github.com/dlwldnjs1009"><code>@dlwldnjs1009</code></a>, <a href="https://github.com/kwondh5217"><code>@kwondh5217</code></a>, <a href="https://github.com/ljrmorgan"><code>@ljrmorgan</code></a>, and <a href="https://github.com/quaff"><code>@quaff</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/fe74b311f4b2846848e678eaf7b3c6203ddae930"><code>fe74b31</code></a> Release v4.0.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e1d6e5a7098d1e5d3403fb58387622b65d8e825f"><code>e1d6e5a</code></a> Merge branch '3.5.x' into 4.0.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6c9e52a1745d255e096d1334593636d005f68143"><code>6c9e52a</code></a> Next development version (v3.5.14-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/a413e9545fd1efe9a9548ec70c86f87559c907f1"><code>a413e95</code></a> Upgrade to Netty 4.2.12.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c1694b50c29e37a162a3d9ad43f4e4b434698247"><code>c1694b5</code></a> Add missing Spring Integration test module to the relevant starter</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/51ffdc6cd319fd70f8200ffd69dff0f79c3dfdb7"><code>51ffdc6</code></a> Merge branch '3.5.x' into 4.0.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/696a60e8fd2ce2bff1cf96c2706a97cf64b49a76"><code>696a60e</code></a> Full auto-configure transaction management in slice tests</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/ba70d41a998c8e77d185dd1d7e4ace80ed8cd7e2"><code>ba70d41</code></a> Upgrade to Tomcat 11.0.20</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/fd94ca0a0baab48a055b3dfe8fd4d09daec766b9"><code>fd94ca0</code></a> Upgrade to Netty 4.2.11.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7e6833bc9c5b73bba6920cead989e28d64f982ff"><code>7e6833b</code></a> Upgrade to jOOQ 3.19.31</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v4.0.4...v4.0.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…1046) Bumps [com.alibaba.nacos:nacos-client](https://github.com/alibaba/nacos) from 3.1.1 to 3.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/alibaba/nacos/releases">com.alibaba.nacos:nacos-client's releases</a>.</em></p> <blockquote> <h2>3.1.2</h2> <p>Nacos 3.1.2 is a patch release focused on stability improvements, security fixes, and AI module enhancements. Key highlights include:</p> <ul> <li><strong>Security</strong>: Upgraded Spring Boot to 3.4.10 to address CVE-2025-55752, plus log4j and gRPC dependency updates</li> <li><strong>AI/MCP</strong>: Fixed MCP cache inconsistency issues and added version parameter support for Agent Card queries</li> <li><strong>Console</strong>: Improved distributed deployment experience with automatic server member sync and fixed multiple context path issues</li> <li><strong>Client</strong>: Eliminated class unloading memory leak during config reload and fixed UUID passing issue in fuzzy listening</li> <li><strong>Config</strong>: Enhanced config metadata publishing with audit logging and notifications</li> </ul> <h2>Feature</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/13996">#13996</a> Add event publishing for agent and MCP endpoint operations</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/13999">#13999</a> Add audit logging and notifications for config metadata publishing</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14120">#14120</a> Add version parameter support to Maintainer SDK Get Agent Card method</li> </ul> <h2>Enhancement/Refactor</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14000">#14000</a> Eliminate class unloading memory leak during configuration reload using Configuration.initialize()</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14062">#14062</a> Prevent potential data modification risk in client ServiceInfoHolder</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14099">#14099</a> Add validation for serviceName and groupName in SubscribeServiceRequestHandler</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14449">#14449</a> Remove ineffective ThreadLocal in MD5Utils</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14454">#14454</a> Throw proper exception when form parameters exceed size limit</li> </ul> <h2>BugFix</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/13770">#13770</a> Fix missing context path in importToolsFromMcp and other AI-related APIs</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14009">#14009</a> Fix UUID passing issue in configuration fuzzy listening causing initialization events to be filtered</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14016">#14016</a> Fix Console automatic server member synchronization in distributed deployment</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14020">#14020</a> Fix missing '?' placeholder in database query</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14024">#14024</a> Fix MCP cache index inconsistency when recreating MCP server with same name</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14028">#14028</a> Fix remote server selection to use healthy nodes during import/export operations</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14063">#14063</a> Fix control plugin bug</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14104">#14104</a> Fix AI API context path errors in console</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14114">#14114</a> Fix incorrect grayRule detection in ConfigMigrateService</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14121">#14121</a> Fix console-ui pagination reset to 0 instead of 1 on API error</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14210">#14210</a> Fix MainLayout to handle language changes and fetch notices on update</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14401">#14401</a> Fix incorrect created field returned by ConfigRowMapperInjector</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14402">#14402</a> Fix MySQL LIKE query escaping to prevent underscore and hyphen confusion</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14442">#14442</a> Fix Derby and MySQL LIKE query with proper escape handling</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14450">#14450</a> Fix console remote server context-path for maintainer-client</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14635">#14635</a> Fix health status update method to correctly handle persistent instances</li> </ul> <h2>Dependencies</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14006">#14006</a> Upgrade Spring Boot to 3.4.10 to address CVE-2025-55752</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14055">#14055</a> Bump org.apache.logging.log4j:log4j-core from 2.24.3 to 2.25.3</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14714">#14714</a> Upgrade gRPC version to 1.78.0</li> </ul> <h2>Deployment Required</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/alibaba/nacos/commit/87aab1ad9d9097e7196a0da8bedaf73a695eced0"><code>87aab1a</code></a> fix(web): set default max form size to 2MB for form size filter.</li> <li><a href="https://github.com/alibaba/nacos/commit/df1b41d99b82722971b29f085061f32cf6d59c79"><code>df1b41d</code></a> update grpc version to 1.78.0 (<a href="https://redirect.github.com/alibaba/nacos/issues/14714">#14714</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/d5e7750c4a76e8ec0a03d034fbfe6cd650760dbd"><code>d5e7750</code></a> fix(health): update health status method to handle persistent instances corre...</li> <li><a href="https://github.com/alibaba/nacos/commit/9f2ec0aa03fc5a29914d2eb63fa44dbfb56c0f13"><code>9f2ec0a</code></a> fix: No exception is thrown when form parameters are too large. (<a href="https://redirect.github.com/alibaba/nacos/issues/14454">#14454</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/05d646e170d8ddca16a80f1bc8f2177cf557da18"><code>05d646e</code></a> [ISSUE <a href="https://redirect.github.com/alibaba/nacos/issues/14090">#14090</a>] Fix console remote server context-path for maintainer-client (...</li> <li><a href="https://github.com/alibaba/nacos/commit/f74263891fd46da2b1571ce4d01d7cf98e179f5c"><code>f742638</code></a> chore: update project revision to 3.1.2 in pom.xml.</li> <li><a href="https://github.com/alibaba/nacos/commit/f77edba235aaf1bc861ec4d86ead47e97c2dc737"><code>f77edba</code></a> refactor(common): remove ineffective ThreadLocal in MD5Utils (<a href="https://redirect.github.com/alibaba/nacos/issues/14449">#14449</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/64ee64a27f31af7ab5f76376a23932cccca8a1a4"><code>64ee64a</code></a> fix: The ConfigRowMapperInjector returned an incorrect created field (<a href="https://redirect.github.com/alibaba/nacos/issues/14401">#14401</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/38c7290becdaac684de62b30fa0d5a97371d58a9"><code>38c7290</code></a> fix(<a href="https://redirect.github.com/alibaba/nacos/issues/14402">#14402</a>) fix derby and mysql like with escape (<a href="https://redirect.github.com/alibaba/nacos/issues/14442">#14442</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/929470a9c98560329b346c7471874dd383853184"><code>929470a</code></a> fix: update main.css and main.js version query parameters in index.html. (<a href="https://redirect.github.com/alibaba/nacos/issues/14">#14</a>...</li> <li>Additional commits viewable in <a href="https://github.com/alibaba/nacos/compare/3.1.1...3.1.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…[4.0.4 => 4.0.5] (#1039) Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 4.0.4 to 4.0.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-dependencies's releases</a>.</em></p> <blockquote> <h2>v4.0.5</h2> <h2>:lady_beetle: Bug Fixes</h2> <ul> <li>Test starter for Spring Integration does not include Spring Integration test module <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49784">#49784</a></li> <li>Some sliced tests that import TransactionAutoConfiguration do not import TransactionManagerCustomizationAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49782">#49782</a></li> <li>WebSocket messaging's task executors are only auto-configured and stompWebSocketHandlerMapping is only forced to be eager when using Jackson <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49753">#49753</a></li> <li>WebSocket app fails to start when Jackson is on the classpath but there's no JsonMapper bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49749">#49749</a></li> <li>Metadata annotation processor ignores method-level <code>@NestedConfigurationProperty</code> when using constructor binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49738">#49738</a></li> <li>Override of property in external 'application.properties' or 'application.yaml' is ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49731">#49731</a></li> <li>NativeImageResourceProvider does not find Flyway migration scripts in subdirectories <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49706">#49706</a></li> <li>Add <code>@ConditionalOnWebApplication</code> to NettyReactiveWebServerAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/49695">#49695</a></li> <li><code>@graphqltest</code> does not include <code>@ControllerAdvice</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49672">#49672</a></li> </ul> <h2>:notebook_with_decorative_cover: Documentation</h2> <ul> <li>Fix incorrect indefinite articles in Javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49727">#49727</a></li> <li>Add some more Kotlin examples and trivial style fixes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49714">#49714</a></li> <li>Overhaul Spring Session documentation following modularization <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49704">#49704</a></li> </ul> <h2>:hammer: Dependency Upgrades</h2> <ul> <li>Upgrade to Brave 6.3.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49763">#49763</a></li> <li>Upgrade to Jackson 2 Bom 2.21.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49764">#49764</a></li> <li>Upgrade to jOOQ 3.19.31 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49765">#49765</a></li> <li>Upgrade to Netty 4.2.12.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49794">#49794</a></li> <li>Upgrade to Tomcat 11.0.20 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49767">#49767</a></li> <li>Upgrade to Zipkin Reporter 3.5.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49762">#49762</a></li> </ul> <h2>:heart: Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/Joowon-Seo"><code>@Joowon-Seo</code></a>, <a href="https://github.com/deejay1"><code>@deejay1</code></a>, <a href="https://github.com/dlwldnjs1009"><code>@dlwldnjs1009</code></a>, <a href="https://github.com/kwondh5217"><code>@kwondh5217</code></a>, <a href="https://github.com/ljrmorgan"><code>@ljrmorgan</code></a>, and <a href="https://github.com/quaff"><code>@quaff</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/fe74b311f4b2846848e678eaf7b3c6203ddae930"><code>fe74b31</code></a> Release v4.0.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e1d6e5a7098d1e5d3403fb58387622b65d8e825f"><code>e1d6e5a</code></a> Merge branch '3.5.x' into 4.0.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6c9e52a1745d255e096d1334593636d005f68143"><code>6c9e52a</code></a> Next development version (v3.5.14-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/a413e9545fd1efe9a9548ec70c86f87559c907f1"><code>a413e95</code></a> Upgrade to Netty 4.2.12.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c1694b50c29e37a162a3d9ad43f4e4b434698247"><code>c1694b5</code></a> Add missing Spring Integration test module to the relevant starter</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/51ffdc6cd319fd70f8200ffd69dff0f79c3dfdb7"><code>51ffdc6</code></a> Merge branch '3.5.x' into 4.0.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/696a60e8fd2ce2bff1cf96c2706a97cf64b49a76"><code>696a60e</code></a> Full auto-configure transaction management in slice tests</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/ba70d41a998c8e77d185dd1d7e4ace80ed8cd7e2"><code>ba70d41</code></a> Upgrade to Tomcat 11.0.20</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/fd94ca0a0baab48a055b3dfe8fd4d09daec766b9"><code>fd94ca0</code></a> Upgrade to Netty 4.2.11.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7e6833bc9c5b73bba6920cead989e28d64f982ff"><code>7e6833b</code></a> Upgrade to jOOQ 3.19.31</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v4.0.4...v4.0.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…[3.1.189 => 3.1.190] (#1038) Bumps com.huaweicloud.sdk:huaweicloud-sdk-functiongraph from 3.1.189 to 3.1.190. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…rom 4.0.4 to 4.0.5 (#1043) Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 4.0.4 to 4.0.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-dependencies's releases</a>.</em></p> <blockquote> <h2>v4.0.5</h2> <h2>:lady_beetle: Bug Fixes</h2> <ul> <li>Test starter for Spring Integration does not include Spring Integration test module <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49784">#49784</a></li> <li>Some sliced tests that import TransactionAutoConfiguration do not import TransactionManagerCustomizationAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49782">#49782</a></li> <li>WebSocket messaging's task executors are only auto-configured and stompWebSocketHandlerMapping is only forced to be eager when using Jackson <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49753">#49753</a></li> <li>WebSocket app fails to start when Jackson is on the classpath but there's no JsonMapper bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49749">#49749</a></li> <li>Metadata annotation processor ignores method-level <code>@NestedConfigurationProperty</code> when using constructor binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49738">#49738</a></li> <li>Override of property in external 'application.properties' or 'application.yaml' is ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49731">#49731</a></li> <li>NativeImageResourceProvider does not find Flyway migration scripts in subdirectories <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49706">#49706</a></li> <li>Add <code>@ConditionalOnWebApplication</code> to NettyReactiveWebServerAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/49695">#49695</a></li> <li><code>@graphqltest</code> does not include <code>@ControllerAdvice</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49672">#49672</a></li> </ul> <h2>:notebook_with_decorative_cover: Documentation</h2> <ul> <li>Fix incorrect indefinite articles in Javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49727">#49727</a></li> <li>Add some more Kotlin examples and trivial style fixes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49714">#49714</a></li> <li>Overhaul Spring Session documentation following modularization <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49704">#49704</a></li> </ul> <h2>:hammer: Dependency Upgrades</h2> <ul> <li>Upgrade to Brave 6.3.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49763">#49763</a></li> <li>Upgrade to Jackson 2 Bom 2.21.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49764">#49764</a></li> <li>Upgrade to jOOQ 3.19.31 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49765">#49765</a></li> <li>Upgrade to Netty 4.2.12.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49794">#49794</a></li> <li>Upgrade to Tomcat 11.0.20 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49767">#49767</a></li> <li>Upgrade to Zipkin Reporter 3.5.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49762">#49762</a></li> </ul> <h2>:heart: Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/Joowon-Seo"><code>@Joowon-Seo</code></a>, <a href="https://github.com/deejay1"><code>@deejay1</code></a>, <a href="https://github.com/dlwldnjs1009"><code>@dlwldnjs1009</code></a>, <a href="https://github.com/kwondh5217"><code>@kwondh5217</code></a>, <a href="https://github.com/ljrmorgan"><code>@ljrmorgan</code></a>, and <a href="https://github.com/quaff"><code>@quaff</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/fe74b311f4b2846848e678eaf7b3c6203ddae930"><code>fe74b31</code></a> Release v4.0.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e1d6e5a7098d1e5d3403fb58387622b65d8e825f"><code>e1d6e5a</code></a> Merge branch '3.5.x' into 4.0.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6c9e52a1745d255e096d1334593636d005f68143"><code>6c9e52a</code></a> Next development version (v3.5.14-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/a413e9545fd1efe9a9548ec70c86f87559c907f1"><code>a413e95</code></a> Upgrade to Netty 4.2.12.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c1694b50c29e37a162a3d9ad43f4e4b434698247"><code>c1694b5</code></a> Add missing Spring Integration test module to the relevant starter</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/51ffdc6cd319fd70f8200ffd69dff0f79c3dfdb7"><code>51ffdc6</code></a> Merge branch '3.5.x' into 4.0.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/696a60e8fd2ce2bff1cf96c2706a97cf64b49a76"><code>696a60e</code></a> Full auto-configure transaction management in slice tests</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/ba70d41a998c8e77d185dd1d7e4ace80ed8cd7e2"><code>ba70d41</code></a> Upgrade to Tomcat 11.0.20</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/fd94ca0a0baab48a055b3dfe8fd4d09daec766b9"><code>fd94ca0</code></a> Upgrade to Netty 4.2.11.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7e6833bc9c5b73bba6920cead989e28d64f982ff"><code>7e6833b</code></a> Upgrade to jOOQ 3.19.31</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v4.0.4...v4.0.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…4.0.5 (#1041) Bumps [org.springframework.boot:spring-boot](https://github.com/spring-projects/spring-boot) from 4.0.4 to 4.0.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot's releases</a>.</em></p> <blockquote> <h2>v4.0.5</h2> <h2>:lady_beetle: Bug Fixes</h2> <ul> <li>Test starter for Spring Integration does not include Spring Integration test module <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49784">#49784</a></li> <li>Some sliced tests that import TransactionAutoConfiguration do not import TransactionManagerCustomizationAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49782">#49782</a></li> <li>WebSocket messaging's task executors are only auto-configured and stompWebSocketHandlerMapping is only forced to be eager when using Jackson <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49753">#49753</a></li> <li>WebSocket app fails to start when Jackson is on the classpath but there's no JsonMapper bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49749">#49749</a></li> <li>Metadata annotation processor ignores method-level <code>@NestedConfigurationProperty</code> when using constructor binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49738">#49738</a></li> <li>Override of property in external 'application.properties' or 'application.yaml' is ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49731">#49731</a></li> <li>NativeImageResourceProvider does not find Flyway migration scripts in subdirectories <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49706">#49706</a></li> <li>Add <code>@ConditionalOnWebApplication</code> to NettyReactiveWebServerAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/49695">#49695</a></li> <li><code>@graphqltest</code> does not include <code>@ControllerAdvice</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49672">#49672</a></li> </ul> <h2>:notebook_with_decorative_cover: Documentation</h2> <ul> <li>Fix incorrect indefinite articles in Javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49727">#49727</a></li> <li>Add some more Kotlin examples and trivial style fixes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49714">#49714</a></li> <li>Overhaul Spring Session documentation following modularization <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49704">#49704</a></li> </ul> <h2>:hammer: Dependency Upgrades</h2> <ul> <li>Upgrade to Brave 6.3.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49763">#49763</a></li> <li>Upgrade to Jackson 2 Bom 2.21.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49764">#49764</a></li> <li>Upgrade to jOOQ 3.19.31 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49765">#49765</a></li> <li>Upgrade to Netty 4.2.12.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49794">#49794</a></li> <li>Upgrade to Tomcat 11.0.20 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49767">#49767</a></li> <li>Upgrade to Zipkin Reporter 3.5.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/49762">#49762</a></li> </ul> <h2>:heart: Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/Joowon-Seo"><code>@Joowon-Seo</code></a>, <a href="https://github.com/deejay1"><code>@deejay1</code></a>, <a href="https://github.com/dlwldnjs1009"><code>@dlwldnjs1009</code></a>, <a href="https://github.com/kwondh5217"><code>@kwondh5217</code></a>, <a href="https://github.com/ljrmorgan"><code>@ljrmorgan</code></a>, and <a href="https://github.com/quaff"><code>@quaff</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/fe74b311f4b2846848e678eaf7b3c6203ddae930"><code>fe74b31</code></a> Release v4.0.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e1d6e5a7098d1e5d3403fb58387622b65d8e825f"><code>e1d6e5a</code></a> Merge branch '3.5.x' into 4.0.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6c9e52a1745d255e096d1334593636d005f68143"><code>6c9e52a</code></a> Next development version (v3.5.14-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/a413e9545fd1efe9a9548ec70c86f87559c907f1"><code>a413e95</code></a> Upgrade to Netty 4.2.12.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c1694b50c29e37a162a3d9ad43f4e4b434698247"><code>c1694b5</code></a> Add missing Spring Integration test module to the relevant starter</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/51ffdc6cd319fd70f8200ffd69dff0f79c3dfdb7"><code>51ffdc6</code></a> Merge branch '3.5.x' into 4.0.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/696a60e8fd2ce2bff1cf96c2706a97cf64b49a76"><code>696a60e</code></a> Full auto-configure transaction management in slice tests</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/ba70d41a998c8e77d185dd1d7e4ace80ed8cd7e2"><code>ba70d41</code></a> Upgrade to Tomcat 11.0.20</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/fd94ca0a0baab48a055b3dfe8fd4d09daec766b9"><code>fd94ca0</code></a> Upgrade to Netty 4.2.11.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7e6833bc9c5b73bba6920cead989e28d64f982ff"><code>7e6833b</code></a> Upgrade to jOOQ 3.19.31</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v4.0.4...v4.0.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…1044) Bumps [com.alibaba.nacos:nacos-client](https://github.com/alibaba/nacos) from 3.1.1 to 3.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/alibaba/nacos/releases">com.alibaba.nacos:nacos-client's releases</a>.</em></p> <blockquote> <h2>3.1.2</h2> <p>Nacos 3.1.2 is a patch release focused on stability improvements, security fixes, and AI module enhancements. Key highlights include:</p> <ul> <li><strong>Security</strong>: Upgraded Spring Boot to 3.4.10 to address CVE-2025-55752, plus log4j and gRPC dependency updates</li> <li><strong>AI/MCP</strong>: Fixed MCP cache inconsistency issues and added version parameter support for Agent Card queries</li> <li><strong>Console</strong>: Improved distributed deployment experience with automatic server member sync and fixed multiple context path issues</li> <li><strong>Client</strong>: Eliminated class unloading memory leak during config reload and fixed UUID passing issue in fuzzy listening</li> <li><strong>Config</strong>: Enhanced config metadata publishing with audit logging and notifications</li> </ul> <h2>Feature</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/13996">#13996</a> Add event publishing for agent and MCP endpoint operations</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/13999">#13999</a> Add audit logging and notifications for config metadata publishing</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14120">#14120</a> Add version parameter support to Maintainer SDK Get Agent Card method</li> </ul> <h2>Enhancement/Refactor</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14000">#14000</a> Eliminate class unloading memory leak during configuration reload using Configuration.initialize()</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14062">#14062</a> Prevent potential data modification risk in client ServiceInfoHolder</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14099">#14099</a> Add validation for serviceName and groupName in SubscribeServiceRequestHandler</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14449">#14449</a> Remove ineffective ThreadLocal in MD5Utils</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14454">#14454</a> Throw proper exception when form parameters exceed size limit</li> </ul> <h2>BugFix</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/13770">#13770</a> Fix missing context path in importToolsFromMcp and other AI-related APIs</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14009">#14009</a> Fix UUID passing issue in configuration fuzzy listening causing initialization events to be filtered</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14016">#14016</a> Fix Console automatic server member synchronization in distributed deployment</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14020">#14020</a> Fix missing '?' placeholder in database query</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14024">#14024</a> Fix MCP cache index inconsistency when recreating MCP server with same name</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14028">#14028</a> Fix remote server selection to use healthy nodes during import/export operations</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14063">#14063</a> Fix control plugin bug</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14104">#14104</a> Fix AI API context path errors in console</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14114">#14114</a> Fix incorrect grayRule detection in ConfigMigrateService</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14121">#14121</a> Fix console-ui pagination reset to 0 instead of 1 on API error</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14210">#14210</a> Fix MainLayout to handle language changes and fetch notices on update</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14401">#14401</a> Fix incorrect created field returned by ConfigRowMapperInjector</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14402">#14402</a> Fix MySQL LIKE query escaping to prevent underscore and hyphen confusion</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14442">#14442</a> Fix Derby and MySQL LIKE query with proper escape handling</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14450">#14450</a> Fix console remote server context-path for maintainer-client</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14635">#14635</a> Fix health status update method to correctly handle persistent instances</li> </ul> <h2>Dependencies</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14006">#14006</a> Upgrade Spring Boot to 3.4.10 to address CVE-2025-55752</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14055">#14055</a> Bump org.apache.logging.log4j:log4j-core from 2.24.3 to 2.25.3</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14714">#14714</a> Upgrade gRPC version to 1.78.0</li> </ul> <h2>Deployment Required</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/alibaba/nacos/commit/87aab1ad9d9097e7196a0da8bedaf73a695eced0"><code>87aab1a</code></a> fix(web): set default max form size to 2MB for form size filter.</li> <li><a href="https://github.com/alibaba/nacos/commit/df1b41d99b82722971b29f085061f32cf6d59c79"><code>df1b41d</code></a> update grpc version to 1.78.0 (<a href="https://redirect.github.com/alibaba/nacos/issues/14714">#14714</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/d5e7750c4a76e8ec0a03d034fbfe6cd650760dbd"><code>d5e7750</code></a> fix(health): update health status method to handle persistent instances corre...</li> <li><a href="https://github.com/alibaba/nacos/commit/9f2ec0aa03fc5a29914d2eb63fa44dbfb56c0f13"><code>9f2ec0a</code></a> fix: No exception is thrown when form parameters are too large. (<a href="https://redirect.github.com/alibaba/nacos/issues/14454">#14454</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/05d646e170d8ddca16a80f1bc8f2177cf557da18"><code>05d646e</code></a> [ISSUE <a href="https://redirect.github.com/alibaba/nacos/issues/14090">#14090</a>] Fix console remote server context-path for maintainer-client (...</li> <li><a href="https://github.com/alibaba/nacos/commit/f74263891fd46da2b1571ce4d01d7cf98e179f5c"><code>f742638</code></a> chore: update project revision to 3.1.2 in pom.xml.</li> <li><a href="https://github.com/alibaba/nacos/commit/f77edba235aaf1bc861ec4d86ead47e97c2dc737"><code>f77edba</code></a> refactor(common): remove ineffective ThreadLocal in MD5Utils (<a href="https://redirect.github.com/alibaba/nacos/issues/14449">#14449</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/64ee64a27f31af7ab5f76376a23932cccca8a1a4"><code>64ee64a</code></a> fix: The ConfigRowMapperInjector returned an incorrect created field (<a href="https://redirect.github.com/alibaba/nacos/issues/14401">#14401</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/38c7290becdaac684de62b30fa0d5a97371d58a9"><code>38c7290</code></a> fix(<a href="https://redirect.github.com/alibaba/nacos/issues/14402">#14402</a>) fix derby and mysql like with escape (<a href="https://redirect.github.com/alibaba/nacos/issues/14442">#14442</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/929470a9c98560329b346c7471874dd383853184"><code>929470a</code></a> fix: update main.css and main.js version query parameters in index.html. (<a href="https://redirect.github.com/alibaba/nacos/issues/14">#14</a>...</li> <li>Additional commits viewable in <a href="https://github.com/alibaba/nacos/compare/3.1.1...3.1.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…[3.1.189 => 3.1.190] (#1040) Bumps com.huaweicloud.sdk:huaweicloud-sdk-functiongraph from 3.1.189 to 3.1.190. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…rom 3.1.189 to 3.1.190 (#1042) Bumps com.huaweicloud.sdk:huaweicloud-sdk-functiongraph from 3.1.189 to 3.1.190. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `awssdk.version` from 2.42.21 to 2.42.22. Updates `software.amazon.awssdk:s3` from 2.42.21 to 2.42.22 Updates `software.amazon.awssdk:lambda` from 2.42.21 to 2.42.22 Updates `software.amazon.awssdk:ses` from 2.42.21 to 2.42.22 Updates `software.amazon.awssdk:cloudwatch` from 2.42.21 to 2.42.22 Updates `software.amazon.awssdk:costexplorer` from 2.42.21 to 2.42.22 Updates `software.amazon.awssdk:auth` from 2.42.21 to 2.42.22 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.