From bd03418a406e813f7f89e4466b554932e56f2a79 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 28 Mar 2026 02:35:36 +0800 Subject: [PATCH 1/4] =?UTF-8?q?chore(deps):=20=E4=BE=9D=E8=B5=96=E9=A1=B9?= =?UTF-8?q?=E5=8D=87=E7=BA=A7[org.codehaus.mojo:flatten-maven-plugin][1.7.?= =?UTF-8?q?1=20=3D>=201.7.3]=20(#1071)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [org.codehaus.mojo:flatten-maven-plugin](https://github.com/mojohaus/flatten-maven-plugin) from 1.7.1 to 1.7.3.
Release notes

Sourced from org.codehaus.mojo:flatten-maven-plugin's releases.

1.7.3

🐛 Bug Fixes

📦 Dependency updates

1.7.2

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.codehaus.mojo:flatten-maven-plugin&package-manager=maven&previous-version=1.7.1&new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- meta-bom/bom-deamon/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-bom/bom-deamon/pom.xml b/meta-bom/bom-deamon/pom.xml index 818f51fe..2afa8087 100644 --- a/meta-bom/bom-deamon/pom.xml +++ b/meta-bom/bom-deamon/pom.xml @@ -1635,7 +1635,7 @@ org.codehaus.mojo flatten-maven-plugin - 1.7.1 + 1.7.3 true bom From 9feee10ed8a25762344c84ad88872c632bc62034 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 28 Mar 2026 02:35:57 +0800 Subject: [PATCH 2/4] =?UTF-8?q?chore(deps):=20=E4=BE=9D=E8=B5=96=E9=A1=B9?= =?UTF-8?q?=E5=8D=87=E7=BA=A7[org.apache.maven.plugins:maven-antrun-plugin?= =?UTF-8?q?][3.1.0=20=3D>=203.2.0]=20(#1073)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [org.apache.maven.plugins:maven-antrun-plugin](https://github.com/apache/maven-antrun-plugin) from 3.1.0 to 3.2.0.
Release notes

Sourced from org.apache.maven.plugins:maven-antrun-plugin's releases.

3.2.0

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

... (truncated)

Commits
  • d8a5220 [maven-release-plugin] prepare release maven-antrun-plugin-3.2.0
  • a049c4d Refresh download page, use site descriptor 2.0
  • 3e2fbe1 Add tag-template to release-drafter
  • 43af127 Add hacktoberfest label to project
  • cc0189a Run ci also with Maven 4
  • ff42558 Bump Maven to 3.9.11 and keep prerequisites at 3.6.3
  • 17c406c Bump version.xmlunit from 2.10.3 to 2.10.4 (#338)
  • a313597 feat: enable prevent branch protection rules
  • e0127c7 Bump org.apache.maven.plugins:maven-plugins from 44 to 45
  • 565754c fix
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-antrun-plugin&package-manager=maven&previous-version=3.1.0&new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- meta-bom/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-bom/pom.xml b/meta-bom/pom.xml index 8f3d2578..75ca6f61 100644 --- a/meta-bom/pom.xml +++ b/meta-bom/pom.xml @@ -51,7 +51,7 @@ UTF-8 UTF-8 - 3.1.0 + 3.2.0 3.7.1 3.4.0 3.15.0 From 9d3f1e62ae0af8f0d176d590884817f876400582 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 28 Mar 2026 02:36:11 +0800 Subject: [PATCH 3/4] =?UTF-8?q?chore(deps):=20=E4=BE=9D=E8=B5=96=E9=A1=B9?= =?UTF-8?q?=E5=8D=87=E7=BA=A7[com.alibaba.nacos:nacos-client][3.1.2=20=3D>?= =?UTF-8?q?=203.2.0]=20(#1072)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [com.alibaba.nacos:nacos-client](https://github.com/alibaba/nacos) from 3.1.2 to 3.2.0.
Release notes

Sourced from com.alibaba.nacos:nacos-client's releases.

3.2.0 (Mar 27th, 2026)

Nacos 3.2.0 is a major release focused on plugin architecture enhancement, AI Registry expansion, API modernization, and code quality improvements. Key highlights include:

  • AI Registry Completes the "AI Triad": Skill Registry and Prompt Registry join existing MCP/Agent Registry, with Nacos Copilot integration for AI-assisted management
  • Plugin Architecture Modernization: Comprehensive SPI-based plugin management with console UI, cluster-wide synchronization, and PostgreSQL enhancements
  • API Cleanup: Legacy UDP PUSH support removed, /v1 and /v2 HTTP APIs extracted to submodules for future removal
  • Security & Code Quality: OIDC/OAuth2 authentication plugin, multiple FindBugs fixes, dead code removal, and JDK 17+ compatibility enhancements
  • Console Modernization: Dual UI support for new/legacy console switching with improved user experience

Feature

  • #13699 Support outputSchema for MCP tools
  • #14041 Merge nacos-plugin PostgreSQL & Base Implementation into main repository
  • #14056 Refactor datasource plugins structure and enhance PostgreSQL capabilities
  • #14077 Implement SPI-based plugin discovery and management API
  • #14078 Implement cluster-wide state synchronization for plugins
  • #14079 Add plugin management console UI and API
  • #14084 Support MCP Tool _meta and annotations fields
  • #14085 Enhance MCP tool metadata with annotations support
  • #14101 Implement cluster-wide state synchronization
  • #14109 Introduce Prompt Registry as core component of Nacos AI Registry
  • #14110 Introduce Skills Registry to complement Nacos AI Registry vision
  • #14117 Add plugin management console UI and API
  • #14120 Add version parameter support to Maintainer SDK Get Agent Card method
  • #14527 Add OIDC/OAuth2 Authentication Plugin (Server)
  • #14534 Add find-skill-from-nacos capability for intelligent skill discovery
  • #14623 Add skill-scanner integration for AI Skill security scanning
  • #14641 Update Nacos console UI with modern design
  • #14653 Support dual UI switching between new and legacy console with contextPath adaptation
  • #14672 Skill support for data level access and visibility Phase 2
  • #14677 Skill support for data level access and visibility Phase 3

Enhancement/Refactor

  • #14048 Refactor datasource plugins structure and enhance PostgreSQL capabilities
  • #14050 Extract /v1 and /v2 HTTP APIs to submodules for future removal
  • #14052 Remove UDP PUSH support for naming module
  • #14057 Refactor CreateTool and support output scheme
  • #14074 Remove legacy UDP PUSH support from naming module
  • #14122 Add JVM --add-opens options for JDK 17+ compatibility in startup scripts
  • #14125 Activate dev profile by default for plugin dependencies
  • #14441 Refactor version comparison and JSON field handling with constants
  • #14461 Remove obsolete p3c-pmd plugin and cleanup annotations
  • #14463 Unify component scanning with custom package exclusion
  • #14468 Unify component scanning with custom package exclusion
  • #14546 Remove unused common.cache package (dead code from Guava removal attempt)
  • #14585 Refactor admin API input from JSON body to form params
  • #14640 Refactor database plugins and update CI report paths

BugFix

... (truncated)

Commits
  • 411f0b0 Sync some fix into develop branch. (#14762)
  • 1f97ac5 Merge remote-tracking branch 'refs/remotes/upstream/develop' into develop-ski...
  • d4d3a70 fix(test): Fix unit test async test failed.
  • 93703e6 fix(test): Fix ai module unit test.
  • 610cf51 fix(console-ui-next): fix scroll lock on route change and increase panel heig...
  • a01fdb3 Merge pull request #14760 from luoxiner/support-import-data-from
  • 2a2bb43 feat(ai-resource): add 'from' field to AI resource metadata.
  • 35198be chore(build): finalize release version from beta.
  • 84e031b fix(skill): update default author value to "-" .
  • 652232b Merge pull request #14756 from alibaba/develop-skill-pipeline
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.alibaba.nacos:nacos-client&package-manager=maven&previous-version=3.1.2&new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- meta-bom/bom-deamon/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-bom/bom-deamon/pom.xml b/meta-bom/bom-deamon/pom.xml index 2afa8087..30b487f2 100644 --- a/meta-bom/bom-deamon/pom.xml +++ b/meta-bom/bom-deamon/pom.xml @@ -375,7 +375,7 @@ com.alibaba.nacos nacos-client - 3.1.2 + 3.2.0 compile From 3ad970c8af80658cba9eed80291924e3b12e567c Mon Sep 17 00:00:00 2001 From: ACANX Date: Sat, 28 Mar 2026 02:38:27 +0800 Subject: [PATCH 4/4] Feat/acanx/remove (#1074) --- meta-bom/bom-deamon/pom.xml | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/meta-bom/bom-deamon/pom.xml b/meta-bom/bom-deamon/pom.xml index 30b487f2..68acf422 100644 --- a/meta-bom/bom-deamon/pom.xml +++ b/meta-bom/bom-deamon/pom.xml @@ -678,18 +678,6 @@ netty-all ${netty.version} - - io.netty - netty-transport-native-unix-common - ${netty.version} - runtime - - - io.netty - netty-transport-native-unix-common - ${netty.version} - runtime - io.netty netty-transport-native-epoll