Apache/lucene
1
0
Fork 0
mirror of https://github.com/apache/lucene.git synced 2025-02-07 02:28:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
32,688 Commits 29 Branches 469 Tags
Commit Graph

13622 Commits

Author SHA1 Message Date
Dawid Weiss
226f5490a0 Correct lucene version passed to tests to be stripped of qualifiers. 2019-12-06 13:05:10 +01:00
Dawid Weiss
8e81037180 Merging with master, updating deps. 2019-12-06 12:16:07 +01:00
Dawid Weiss
f371df327f Merge remote-tracking branch 'origin/master' into gradle-master 2019-12-06 11:57:29 +01:00
Jan Høydahl
7417fa1cf3
SOLR-13954: Embedded ZooKeeper in Solr now does not try to load JettyAdminServer (#1059) 2019-12-06 11:03:23 +01:00
Robert Muir
33ca971d2b SOLR-14020: move hadoop hacks out of lucene TestSecurityManager into a solr one 2019-12-05 14:53:23 -05:00
Andrzej Bialecki
d2b01ef28f SOLR-13831: Context property _loop_iter_ should be a string in order to support 
variable expansion.
 2019-12-05 18:27:12 +01:00
Anshum Gupta
2387bb9d60
SOLR-13990: Switch out woodstox-core-asl with aalto-xml and upgrade woodstox stax-2 API (#1050) 2019-12-05 18:37:53 +05:30
Dawid Weiss
1a24ccb4ee Merge remote-tracking branch 'origin/master' into gradle-master 2019-12-05 11:17:34 +01:00
Robert Muir
e77027dd8c SOLR-13993: sandbox velocity template render (if security manager is enabled) 
The solr permissions are weak sauce due to the huge number of features, third-party dependencies, etc.

Hence they have access to do many things. For "scripting" such as velocity we have to look at a more aggressive stance:

Step 1: Can we wrap a sandbox around the whole goddamn thing and call it a day?
Step 2: Let's separate the "engine" from "untrusted code" and only be an asshole to the latter.
Step 3: Java's security is shit, Lets contain that classloader and whitelist access.
 2019-12-05 01:06:38 -05:00
Munendra S N
12e8cca644 SOLR-11706: add support for aggregation on multivalued fields 
* min, max, sum, sumsq, avg, stddev, variance, percentile aggregations
  in JSON facets now supports multivalued fields
 2019-12-05 10:48:22 +05:30
Robert Muir
c4126ef858 SOLR-14015: remove blanket filesystem read access from solr-tests.policy 
Restrict this to only minimal paths like lucene. It is the defense for directory traversal attacks.
It will also help find bad bugs where things are reading filesystem in the wrong locations.
 2019-12-04 23:16:19 -05:00
Andrzej Bialecki
f71c2c8e92 SOLR-13981: Remove unused DistributedQueue interface. (Andras Salamon) 2019-12-04 11:23:49 +01:00
Robert Muir
becc16fb28 SOLR-14002: fix another static leak in test 2019-12-03 22:43:11 -05:00
Robert Muir
165529767b SOLR-14000: clean up more static field leaks in tests 
On windows, these objects can't be inspected due to security restrictions. So the test runner fails the tests since it does not know how big the leak is.
 2019-12-03 18:51:00 -05:00
Jeff
16f793915e SOLR-13926: javadocs on CompositeIdRouter 
Closes #1009
 2019-12-03 17:43:01 -05:00
Anshum Gupta
09df6647ac
SOLR-13998: Add thread safety annotations to classes (#1053) 2019-12-04 01:19:56 +05:30
Dawid Weiss
7c26c6de02 Merge remote-tracking branch 'origin/master' into gradle-master 2019-12-03 18:45:12 +01:00
Dawid Weiss
49bab132b1 Applying two forbidden api check violations (applied to master). 2019-12-03 14:26:02 +01:00
Dawid Weiss
0f61aa9516 Forbidden APIs: add missing root locale. 2019-12-03 13:07:23 +01:00
Dawid Weiss
6f0842eaa5 Use toLowerCase with an explicit locale in CheckLinksAndAnchors. 2019-12-03 13:01:43 +01:00
Robert Muir
9e5d11be8a fix static leaks, null stuff out in afterclass 2019-12-03 06:28:19 -05:00
Robert Muir
c8c9c10023 SOLR-13982: set security-related http response headers by default 
Unfortunately, as a first start this is very weak protection against
e.g. XSS.  This is because some 'unsafe-xxx' rules must be present due
to the insecurity of angular JS: Until SOLR-13987 is fixed, XSS & co are
still easy.
 2019-12-03 06:12:33 -05:00
noble
a51c7b89f2 SOLR-13995: Move ZkShardTerms.Terms to SolrJ 2019-12-03 15:16:34 +11:00
Noble Paul
d8f9f47ca0
SOLR-13992: Refactor code to have collection, shard name in Replica,Slice (#1051) 
* SOLR-13992: Refactor code to have collection name shard name in Replica,Slice
 2019-12-03 13:10:19 +11:00
Cassandra Targett
de1c9fb9e8 SOLR-13885: various Ref Guide typos. This closes #990 2019-12-02 13:33:45 -06:00
Dawid Weiss
d4a9842375 Initial gradle build layer. 2019-12-02 15:34:57 +01:00
Shalin Shekhar Mangar
5a697344ed SOLR-13805: NPE when calling /solr/admin/info/health on standalone solr 2019-11-30 10:04:00 +05:30
Jan Høydahl
936f4b6ee9 SOLR-13977: solr create -c not working under Windows 10 2019-11-29 01:22:06 +01:00
Jan Høydahl
48010ffc9f Add 8.3.1 CHANGES entry for SOLR-13465, SOLR-13941 and SOLR-13905 2019-11-28 20:56:57 +01:00
David Smiley
6a72b81ed3 SOLR-13971: Revert changes to the default configset. 
* clarified these are Java system properties
* trivial dead code change; Boolean.getBoolean returns a primitive
 2019-11-28 10:45:58 -05:00
Bruno Roustant
b4cc3c6ad2
SOLR-13968: Support postingsFormat and docValuesFormat in schema fields. 
Closes #1039
 2019-11-28 16:13:10 +01:00
Ishan Chattopadhyaya
212593d362 SOLR-13971: Renamed the velocity template parameter names 2019-11-28 15:46:26 +05:30
Jan Høydahl
9f78482295
SOLR-13969: Clean up and document AuditEvent API (#1041) 2019-11-28 09:55:11 +01:00
Ishan Chattopadhyaya
50e8cea918 SOLR-13971: Removing velocity from _default and disabling custom template support by default 2019-11-28 07:52:43 +05:30
Andrzej Bialecki
47a908a0b9 Fix the list of common handler metrics. 2019-11-27 15:59:53 +01:00
Jonathan Pool
a5ab17db82 Correct inconsistency on plugin support (#272) 2019-11-27 08:55:52 +01:00
Eduardo Leggiero
70c5942f3d Removed extra whitespace (#292) 2019-11-27 08:50:12 +01:00
noble
6c7a095f33 SOLR-13963: JavaBinCodec has concurrent modification of CharArr resulting in corrupt internode updates 2019-11-26 08:12:23 +11:00
Dawid Weiss
063c82ebd6 SOLR-13952: reverting Erick's commit (with permission). 2019-11-25 17:56:20 +01:00
Thomas Wöckinger
b5fd6d7b22 SOLR-13961: Allow null/empty for removal of child doc in atomic update 
Closes #1030
 2019-11-25 09:57:07 -05:00
Erick Erickson
f1cf3db588 SOLR-13952: Separate out Gradle-specific code from other (mostly test) changes and commit separately, forgot CHANGES.txt 2019-11-24 13:31:45 -05:00
Erick Erickson
4b34d726ab SOLR-13952: Separate out Gradle-specific code from other (mostly test) changes and commit separately 2019-11-24 13:24:40 -05:00
Jan Høydahl
592ea19eff SOLR-12193: reverting one line back to trace 2019-11-24 00:06:07 +01:00
Jan Høydahl
d809bc27f1 SOLR-12193: Move some log messages to TRACE level, remove some dead code 2019-11-23 23:57:59 +01:00
Jan Høydahl
312431b182
SOLR-13465 CoreContainer.auditloggerPlugin should be volatile (#672) 2019-11-23 01:21:47 +01:00
Jan Høydahl
e45c5ce9b9
SOLR-13905 Make findRequestType in AuditEvent more robust (#1014) 2019-11-22 23:34:20 +01:00
Eric Pugh
537862d5bb Document how to load your own streaming plugins (#1025) 2019-11-22 11:16:57 -08:00
Tomas Fernandez Lobbe
37512dad48 SOLR-13950: Add attribution 2019-11-22 11:06:45 -08:00
Andy Vuong
4910c0f558 SOLR-13950: Fix getLeaderRetry swallowing interrupt in ZkStateReader (#1023) 
Let InterruptedException bubble up
 2019-11-22 11:04:45 -08:00
Munendra S N
2740d90dee SOLR-13912: add support for countvals aggregation in JSON facet module 
* This aggregation is equivalent to StatsComponent's count
 2019-11-22 18:16:20 +05:30