dependabot[bot] opened a new pull request, #5063: URL: https://github.com/apache/eventmesh/pull/5063
Bumps [com.alibaba.nacos:nacos-client](https://github.com/alibaba/nacos) from 2.3.3 to 2.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/alibaba/nacos/releases";>com.alibaba.nacos:nacos-client's releases</a>.</em></p> <blockquote> <h2>2.4.0-BETA (Jun 6th, 2024)</h2> <p>This version is an important version which support many new features.</p> <p>The most mainly feature is Nacos support maintainer to initialize the admin user <code>nacos</code> password instead of using default password to improve the default security for deploy nacos clusters.</p> <p>And other mainly features are support TLS Grpc communication between Nacos cluster nodes as an optional feature to improve Nacos security, which means nacos not only support TLS communication between client and server; What's more, Nacos start to support user extend <code>Selector</code> before callback <code>Subscriber</code> for naming module, not only can select instance of services by healthy and clusters. And Nacos client support callback service diffs by new event to reduce <code>Subscriber</code> cache and compare logics.</p> <p>Third mainly features are support some configs usages in Nacos console and support more enhancement usage for plugins, such as support add all metadata to prometheus sd protocol and support aliyun ram v4 signature.</p> <p>In addition to substantial feature updates, this version also fixes some bugs from previous versions and upgrades certain dependencies with security vulnerabilities.</p> <p>Detail see:</p> <h2>Feature</h2> <p><a href="https://redirect.github.com/alibaba/nacos/issues/10374";>#10374</a> Support naming custom selectors and support service diff events. <a href="https://redirect.github.com/alibaba/nacos/issues/11456";>#11456</a> Support TLS Grpc communication between Nacos cluster nodes. <a href="https://redirect.github.com/alibaba/nacos/issues/11847";>#11847</a> Nacos console support publish config with cas. <a href="https://redirect.github.com/alibaba/nacos/issues/11943";>#11943</a> Record users for import configs. <a href="https://redirect.github.com/alibaba/nacos/issues/11957";>#11957</a> Remove default password for user <code>nacos</code>. <a href="https://redirect.github.com/alibaba/nacos/issues/12130";>#12130</a> Add metadata as labels in prometheus http sd. <a href="https://redirect.github.com/alibaba/nacos/issues/12162";>#12162</a> Support aliyun ram v4 signature method.</p> <h2>Enhancement&Refactor</h2> <p><a href="https://redirect.github.com/alibaba/nacos/issues/11956";>#11956</a> Refactor nacos client logging module, use SPI load current logger adapter. <a href="https://redirect.github.com/alibaba/nacos/issues/12013";>#12013</a> Enhance to fast config Nacos memory setting in startup.sh by environment CUSTOM_NACOS_MEMORY. <a href="https://redirect.github.com/alibaba/nacos/issues/12072";>#12072</a> Support does not impose any limit when totalCountLimit is less than 0. <a href="https://redirect.github.com/alibaba/nacos/issues/12166";>#12166</a> Enhance nacos client init properties logger. <a href="https://redirect.github.com/alibaba/nacos/issues/12177";>#12177</a> Update console header link to new nacos.io.</p> <h2>BugFix</h2> <p><a href="https://redirect.github.com/alibaba/nacos/issues/10639";>#10639</a> Fix the <code>encrypted_data_key</code> is text type so that old version can't upgrade directly. <a href="https://redirect.github.com/alibaba/nacos/issues/11902";>#11902</a> Fix leak of request and response for java native runtime for nacos-client. <a href="https://redirect.github.com/alibaba/nacos/issues/11926";>#11926</a> Fix Nacos can't triggle self protection when disk full in some OS. <a href="https://redirect.github.com/alibaba/nacos/issues/11951";>#11951</a> Fix the problem that the serviceName and groupName are not resolved correctly when deleting an empty service instance. <a href="https://redirect.github.com/alibaba/nacos/issues/11967";>#11967</a> Fix Config can't publish and listen when dataId contains some special words in Window OS. <a href="https://redirect.github.com/alibaba/nacos/issues/11968";>#11968</a> Fix Multiple config change plugin implementation configuration conflicts problem. <a href="https://redirect.github.com/alibaba/nacos/issues/12022";>#12022</a> Fix nacos datasource plugin ClassCastException problem. <a href="https://redirect.github.com/alibaba/nacos/issues/12046";>#12046</a> Fix cipher-aes config encrypt plugin not effect when publish config again. <a href="https://redirect.github.com/alibaba/nacos/issues/12060";>#12060</a> Fix too large ttl when auth disabled. <a href="https://redirect.github.com/alibaba/nacos/issues/12146";>#12146</a> Fix the operation type does not display when rolling back a configuration with a delete operation type. <a href="https://redirect.github.com/alibaba/nacos/issues/12168";>#12168</a> Fix the labels of the query conditions on the Permission Control - Role Management page are still displayed in Chinese after switching the system language to English.</p> <h2>Dependency</h2> <p><a href="https://redirect.github.com/alibaba/nacos/issues/11904";>#11904</a> Bump Spring Security to 5.7.12. <a href="https://redirect.github.com/alibaba/nacos/issues/11975";>#11975</a> Remove unused dependency javatuple. <a href="https://redirect.github.com/alibaba/nacos/issues/11980";>#11980</a> Bump spring framework to 5.3.34. <a href="https://redirect.github.com/alibaba/nacos/issues/12135";>#12135</a> Upgrade module naocs-console from junit4 to junit5.</p> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ldyedu";><code>@​ldyedu</code></a> made their first contribution in <a href="https://redirect.github.com/alibaba/nacos/pull/10905";>alibaba/nacos#10905</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/alibaba/nacos/commits/2.4.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@eventmesh.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@eventmesh.apache.org For additional commands, e-mail: dev-h...@eventmesh.apache.org
