Apache/lucene
1
0
Fork 0
mirror of https://github.com/apache/lucene.git synced 2025-02-13 21:45:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
32,491 Commits 29 Branches 469 Tags
Commit Graph

13533 Commits

Author SHA1 Message Date
Andrzej Bialecki
5865893e64 SOLR-13831: Context property _loop_iter_ should be a string in order to support 
variable expansion.
 2019-12-05 18:27:43 +01:00
Robert Muir
e6728cdf64 SOLR-13993: sandbox velocity template render (if security manager is enabled) 
The solr permissions are weak sauce due to the huge number of features, third-party dependencies, etc.

Hence they have access to do many things. For "scripting" such as velocity we have to look at a more aggressive stance:

Step 1: Can we wrap a sandbox around the whole goddamn thing and call it a day?
Step 2: Let's separate the "engine" from "untrusted code" and only be an asshole to the latter.
Step 3: Java's security is shit, Lets contain that classloader and whitelist access.
 2019-12-05 01:36:58 -05:00
Munendra S N
2d2f4b9521 SOLR-11706: add support for aggregation on multivalued fields 
* min, max, sum, sumsq, avg, stddev, variance, percentile aggregations
  in JSON facets now supports multivalued fields
 2019-12-05 11:01:50 +05:30
Robert Muir
5325c29cf9 SOLR-14015: remove blanket filesystem read access from solr-tests.policy 
Restrict this to only minimal paths like lucene. It is the defense for directory traversal attacks.
It will also help find bad bugs where things are reading filesystem in the wrong locations.
 2019-12-05 00:06:57 -05:00
Andrzej Bialecki
6ebe4d16d2 SOLR-13981: Remove unused DistributedQueue interface. (Andras Salamon) 2019-12-04 11:14:07 +01:00
Anshum Gupta
b4375cc235
SOLR-13998: Add thread safety annotations to classes (#1053) (#1057) 2019-12-04 12:09:22 +05:30
Robert Muir
11f1c958eb SOLR-14002: fix another static leak in test 2019-12-03 22:44:07 -05:00
Robert Muir
08720cf5c0 SOLR-14000: clean up more static field leaks in tests 
On windows, these objects can't be inspected due to security restrictions. So the test runner fails the tests since it does not know how big the leak is.
 2019-12-03 18:53:43 -05:00
Jeff
dc15f2e563 SOLR-13926: javadocs on CompositeIdRouter 
Closes #1009

(cherry picked from commit 16f793915ec6dfceecf0267c66ac0c051da2d0c4)
 2019-12-03 17:45:09 -05:00
Robert Muir
72b86bc222 fix static leaks, null stuff out in afterclass 2019-12-03 06:28:52 -05:00
Robert Muir
55b77358cf SOLR-13982: set security-related http response headers by default 
Unfortunately, as a first start this is very weak protection against
e.g. XSS.  This is because some 'unsafe-xxx' rules must be present due
to the insecurity of angular JS: Until SOLR-13987 is fixed, XSS & co are
still easy.
 2019-12-03 06:18:11 -05:00
noble
664d93591f SOLR-13995: Move ZkShardTerms.Terms to SolrJ 2019-12-03 15:37:22 +11:00
Noble Paul
80abab2935 SOLR-13992: Refactor code to have collection, shard name in Replica,Slice (#1051) 
* SOLR-13992: Refactor code to have collection name shard name in Replica,Slice
 2019-12-03 13:12:23 +11:00
Cassandra Targett
0ebb62a9f2 SOLR-13885: various Ref Guide typos. This closes #990 2019-12-02 13:38:06 -06:00
Shalin Shekhar Mangar
ba95111d71 SOLR-13805: NPE when calling /solr/admin/info/health on standalone solr 
(cherry picked from commit 5a697344ed1be537ef2acdd18aab653283593370)
 2019-11-30 10:04:44 +05:30
Jan Høydahl
325e72c45f SOLR-13977: solr create -c not working under Windows 10 
(cherry picked from commit 936f4b6ee9cd8c7f9a17800aadc8c5a91bdf74f6)
 2019-11-29 13:07:50 +01:00
Bruno Roustant
1927e850c8
SOLR-13968: Support postingsFormat and docValuesFormat in schema fields. 
Closes #1039
 2019-11-28 17:17:23 +01:00
David Smiley
8b2d8d0947 SOLR-13971: Revert changes to the default configset. * clarified these are Java system properties * trivial dead code change; Boolean.getBoolean returns a primitive 2019-11-28 11:07:51 -05:00
Ishan Chattopadhyaya
26b5506290 8.3.1 release: CHANGES got misaligned 2019-11-28 19:41:07 +05:30
Ishan Chattopadhyaya
bf2899fb00 SOLR-13971: Renamed the velocity template parameter names 2019-11-28 15:44:19 +05:30
Jan Høydahl
ee39b15b86 SOLR-13969: Clean up and document AuditEvent API (#1041) 
(cherry picked from commit 9f78482295819ba10a383d3027c1d6313c6e2e7d)
 2019-11-28 09:57:01 +01:00
Ishan Chattopadhyaya
05c5bcc8b3 SOLR-13971: Removing velocity from _default and disabling custom template support by default 2019-11-28 07:54:37 +05:30
Andrzej Bialecki
2144bc9b4e Fix the list of common handler metrics. 2019-11-27 16:01:27 +01:00
Jonathan Pool
c2542b6a76 Correct inconsistency on plugin support (#272) 
(cherry picked from commit a5ab17db82aa030f3ace7d05f347e9e60db6adca)
 2019-11-27 08:56:26 +01:00
Eduardo Leggiero
316e130409 Removed extra whitespace (#292) 
(cherry picked from commit 70c5942f3d084b62c67e1d37f22ba97bcd1b9b2b)
 2019-11-27 08:51:51 +01:00
noble
4ad3902137 SOLR-13963: JavaBinCodec has concurrent modification of CharArr resulting in corrupt internode updates 2019-11-26 08:22:48 +11:00
Thomas Wöckinger
5e24a010e0 SOLR-13961: Allow null/empty for removal of child doc in atomic update 
Cherry pick: b5fd6d7b22002a06bdc626999a6a527ff6f46488
 2019-11-25 10:46:48 -05:00
Jan Høydahl
340b238f1c SOLR-12193: reverting one line back to trace 
(cherry picked from commit 592ea19eff0a0d4225f92d0b96bfb3c9559c077e)
 2019-11-24 00:06:47 +01:00
Jan Høydahl
5f11efb2d5 SOLR-12193: Move some log messages to TRACE level, remove some dead code 
(cherry picked from commit d809bc27f1b5cd6d97e0bfe688c99d481bc42d39)
 2019-11-24 00:03:36 +01:00
Jan Høydahl
3adb0903bf SOLR-13465 CoreContainer.auditloggerPlugin should be volatile (#672) 
(cherry picked from commit 312431b1821a67c9ddb7e219b9203d6fd7bdd5df)
 2019-11-23 01:29:31 +01:00
Jan Høydahl
29e172f6e2 SOLR-13905 Make findRequestType in AuditEvent more robust (#1014) 
(cherry picked from commit e45c5ce9b9e70650f119976b8b2d91b3c760cb48)
 2019-11-22 23:35:44 +01:00
Eric Pugh
4b37fb0c8f SOLR-13947: Document how to load your own streaming plugins (#1025) 2019-11-22 11:26:24 -08:00
Tomas Fernandez Lobbe
65888d0542 SOLR-13950: Add attribution 2019-11-22 11:07:30 -08:00
Andy Vuong
a25ecd7f30 SOLR-13950: Fix getLeaderRetry swallowing interrupt in ZkStateReader (#1023) 
Let InterruptedException bubble up
 2019-11-22 11:07:25 -08:00
Munendra S N
2ba55b7e3c SOLR-13912: add support for countvals aggregation in JSON facet module 
* This aggregation is equivalent to StatsComponent's count
 2019-11-22 18:38:49 +05:30
Chris Hostetter
070b691b1f SOLR-13946: Fix SpellCheckCollatorTest.testEstimatedHitCounts lower/upper bounds to match computable values based on random merge policies 
(cherry picked from commit 8f30f6436c13d757ea70d1168be5442810709130)
 2019-11-21 11:46:56 -07:00
Tomas Fernandez Lobbe
4a3c15f118 SOLR-13907: Cloud view tree - fixed placement 2019-11-20 10:57:00 -08:00
Jan Høydahl
58d5680a90 SOLR-13941: Configure JettySolrRunner same as in web.xml (#1018) 
(cherry picked from commit f00bcd560901ebed420c51e52fda788ae8654103)
 2019-11-20 10:31:23 +01:00
Cassandra Targett
cebd6eddd2 SOLR-13782: add CHANGES entry 2019-11-19 15:57:38 -06:00
Cassandra Targett
5a24379b1b SOLR-13782: Remove PDF Ref Guide build (#999) 
closes #999
 2019-11-19 15:55:28 -06:00
Andrzej Bialecki
4837e62989 SOLR-13898: Add more information to the failure message. 2019-11-19 16:58:20 +01:00
Adrien Grand
cb1a72ad16 LUCENE-9027: Use SIMD instructions to decode postings. (#973) 2019-11-19 10:29:36 +01:00
Chris Hostetter
8759dea69a SOLR-13943: AwaitsFix TimeRoutedAliasUpdateProcessorTest.testDateMathInStart 
(cherry picked from commit 59465c20c462147f0239449ea43f4844cfa585c2)
 2019-11-18 16:32:41 -07:00
Chris Hostetter
cb72085ee8 HdfsRecoveryZkTest & HdfsNNFailoverTest: Remove @BadApple anotation 
These tests were originally anotated @BadApple in early 2018 as pat of SOLR-12028.

Neither test has failed since 2018-12-28.

Since we no longer have logs from those older jenkins builds, it's hard to be certain how/why this
test was failing, or why exactly it stopped failing – but it's possible the underlying issues were
addressed by general hardening of SolrCloud and the associated base test classes around the same time.

(cherry picked from commit 1411aaee94d49f26c55272f3876a4261357467c8)
 2019-11-18 14:32:21 -07:00
Mikhail Khludnev
1c0c244129 LUCENE-9036: ExitableDirectoryReader checks timeout on DocValues access. 2019-11-18 23:37:10 +03:00
Chris Hostetter
3b7e33790a SOLR-13924: AwaitsFix: MoveReplicaHDFSTest 
(cherry picked from commit f9076d85cf4804db3eedb23f9ef616f050d328db)
 2019-11-18 09:58:41 -07:00
Ishan Chattopadhyaya
e435d92084 SOLR-13662, SOLR-13822: Fixing bug with refresh API, un-ignoring the test and new reference guide on Package Management 2019-11-18 04:00:42 +05:30
Ishan Chattopadhyaya
1e0e5d1b08 SOLR-13662: Ignoring the PackageManagerCLITest until further investigation of failures 2019-11-17 06:05:20 +05:30
Chris Hostetter
e6dc96d4d8 TestDistributedStatsComponentCardinality: Remove @BadApple anotation 
This test was originally anotated @BadApple ~2018-10-14 as pat of SOLR-12028.

So far in 2019, it has failed in 62 jenkins-BadApple builds, but all prior to 2019-06-14.

Since we no longer have logs from those older jenkins builds, it's hard to be certain how/why
this test was failing, or why exactly it *stopped* failing -- but a likely suspect is that
the root cause of the problem may have been fixed as part of the Jetty upgrade in SOLR-13541.

(cherry picked from commit 3fb39b2960ae3b04d8f97a683a8c9daaef3f4696)
 2019-11-16 08:08:08 -07:00
Munendra S N
5cce058631 SOLR-13911: add support for missing aggregation in JSON facet module 
* This missing aggregation is equivalent to StatsComponent's missing
 2019-11-16 12:13:16 +05:30