dependabot[bot] opened a new pull request, #5119: URL: https://github.com/apache/servicecomb-java-chassis/pull/5119
Bumps [com.alibaba.nacos:nacos-client](https://github.com/alibaba/nacos) from 3.1.1 to 3.2.1-2026.03.30. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/alibaba/nacos/releases";>com.alibaba.nacos:nacos-client's releases</a>.</em></p> <blockquote> <h2>3.2.1-2026.03.30</h2> <p>Nacos <code>3.2.1-2026.03.30</code> is a <strong>snapshot</strong> release focused on critical bug fixes for issues discovered in 3.2.0, particularly around AI module dependency conflicts, console UI bugs, and race conditions in the skill publish pipeline.</p> <p>Key highlights include:</p> <ul> <li><strong>Dependency Resolution</strong>: Upgraded MCP SDK to 0.17.0 to resolve json-schema-validator conflicts affecting AI module functionality</li> <li><strong>AI Module Stability</strong>: Fixed race condition in skill publish pipeline and streamlined skill download routing</li> <li><strong>Console UI Fixes</strong>: Addressed configuration file editing errors and namespace ID validation issues in the new UI</li> <li><strong>Input Validation</strong>: Enhanced parameter validation in ops controller forms for better security</li> </ul> <h2>Feature</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14794";>#14794</a> Support force-publish skills for admin user</li> </ul> <h2>Enhancement/Refactor</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14784";>#14784</a> Validate input parameters in ops controller forms for better security</li> </ul> <h2>BugFix</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14765";>#14765</a> Fix configuration file editing error in 3.2 console</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14768";>#14768</a> Fix <code>/v3/console/ai/mcp/importToolsFromMcp</code> failure due to json-schema-validator dependency conflict</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14771";>#14771</a> Fix batch import failure in legacy console UI</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14775";>#14775</a> Add missing OIDC-related configurations to application.properties template</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14783";>#14783</a> Remove downloadSkillZip from AiClientProxy interface and route skill download directly to HTTP client</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14786";>#14786</a> Eliminate race condition in AI publish pipeline by pre-generating executionId</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14794";>#14794</a> Fix namespace ID validation issue in new UI when adding custom namespace</li> </ul> <h2>Dependencies</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14782";>#14782</a> Upgrade MCP SDK to 0.17.0 to resolve json-schema-validator conflict</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/alibaba/nacos/compare/3.2.0...3.2.1-2026.03.30";>https://github.com/alibaba/nacos/compare/3.2.0...3.2.1-2026.03.30</a></p> <h2>3.2.0 (Mar 27th, 2026)</h2> <p>Nacos 3.2.0 is a major release focused on plugin architecture enhancement, AI Registry expansion, API modernization, and code quality improvements. Key highlights include:</p> <ul> <li><strong>AI Registry Completes the "AI Triad"</strong>: Skill Registry and Prompt Registry join existing MCP/Agent Registry, with Nacos Copilot integration for AI-assisted management</li> <li><strong>Plugin Architecture Modernization</strong>: Comprehensive SPI-based plugin management with console UI, cluster-wide synchronization, and PostgreSQL enhancements</li> <li><strong>API Cleanup</strong>: Legacy UDP PUSH support removed, /v1 and /v2 HTTP APIs extracted to submodules for future removal</li> <li><strong>Security & Code Quality</strong>: OIDC/OAuth2 authentication plugin, multiple FindBugs fixes, dead code removal, and JDK 17+ compatibility enhancements</li> <li><strong>Console Modernization</strong>: Dual UI support for new/legacy console switching with improved user experience</li> </ul> <h2>Feature</h2> <ul> <li><a href="https://redirect.github.com/alibaba/nacos/issues/13699";>#13699</a> Support outputSchema for MCP tools</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14041";>#14041</a> Merge nacos-plugin PostgreSQL & Base Implementation into main repository</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14056";>#14056</a> Refactor datasource plugins structure and enhance PostgreSQL capabilities</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14077";>#14077</a> Implement SPI-based plugin discovery and management API</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14078";>#14078</a> Implement cluster-wide state synchronization for plugins</li> <li><a href="https://redirect.github.com/alibaba/nacos/issues/14079";>#14079</a> Add plugin management console UI and API</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/alibaba/nacos/commit/9e968cc19fee33412783e9f21eeacc37f66f6bde";><code>9e968cc</code></a> style(common): fix header comment formatting in AbstractNacosRestTemplate.java.</li> <li><a href="https://github.com/alibaba/nacos/commit/6e6c85022b38fa1e26ed36d8e333e5402392ffd6";><code>6e6c850</code></a> chore(build): update project revision to 3.2.1-2026.03.30.</li> <li><a href="https://github.com/alibaba/nacos/commit/2a213deb7f57bad805b71c338a84424cc14a5e02";><code>2a213de</code></a> Support force-publish skills for admin user. (<a href="https://redirect.github.com/alibaba/nacos/issues/14794";>#14794</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/a0200d570065c52a67fd15f8f2ba13e92fee2abb";><code>a0200d5</code></a> fix(common): add ByteArrayResponseHandler to fix byte[] deserialization in Na...</li> <li><a href="https://github.com/alibaba/nacos/commit/920551e0096a9292a933ed0ee98311cc40642978";><code>920551e</code></a> develop fix ut (<a href="https://redirect.github.com/alibaba/nacos/issues/14788";>#14788</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/40e1e484e35808cf742367a1fe1b0ea6932de1b2";><code>40e1e48</code></a> :heavy_minus_sign: remove duplicate dependency (<a href="https://redirect.github.com/alibaba/nacos/issues/14769";>#14769</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/2989450cdfeaac13eb66f476f6a000b7d7049a6c";><code>2989450</code></a> [AI] Remove downloadSkillZip from AiClientProxy interface, Skill always uses ...</li> <li><a href="https://github.com/alibaba/nacos/commit/c9161d1a0f71e81ffea2e69baffeb6b86e9e572a";><code>c9161d1</code></a> fix(ai): eliminate race condition in publish pipeline by pre-generating execu...</li> <li><a href="https://github.com/alibaba/nacos/commit/3856ec76a0443db6bb66059239eed5a02de2d350";><code>3856ec7</code></a> Fix UT. (<a href="https://redirect.github.com/alibaba/nacos/issues/14781";>#14781</a>)</li> <li><a href="https://github.com/alibaba/nacos/commit/3dfee740173de765609f314e0b8151be1b85becf";><code>3dfee74</code></a> feat(core): validate input parameters in ops controller forms. (<a href="https://redirect.github.com/alibaba/nacos/issues/14784";>#14784</a>)</li> <li>Additional commits viewable in <a href="https://github.com/alibaba/nacos/compare/3.1.1...3.2.1-2026.03.30";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
