Commit Graph

32686 Commits

Author SHA1 Message Date
Christine Poerschke df933f8104 SOLR-14030: fix 2 javac warnings: [dep-ann] deprecated item is not annotated with @Deprecated 2019-12-09 14:13:52 +00:00
Christine Poerschke 49631ace9f LUCENE-8996: maxScore was sometimes missing from distributed grouped responses.
(Julien Massenet, Diego Ceccarelli, Munendra S N, Christine Poerschke)
2019-12-09 13:09:44 +00:00
Andrzej Bialecki 86cab79730 SOLR-13979: Expose separate metrics for distributed and non-distributed requests. 2019-12-09 13:46:33 +01:00
Jan Høydahl 0d78535dcf SOLR-13977: Move changes entry to 8.4 2019-12-09 10:27:53 +01:00
Daiki Tsuzuku 79007128e3 LUCENE-9085: Fix assertion in CharacterUtils (#1067) 2019-12-09 08:32:07 +01:00
Munendra S N df508ffe01 SOLR-11706: fix for multivalued trie date in min/max and more tests
* selecting single value for multivalued trie date field is not
  supported.
* add additional tests for variance, unique, hll aggregations
2019-12-08 10:49:37 +05:30
Michael Gibney 8e9876f516 SOLR-7798: robust support for expand when used w/o collapsing (#325)
There are applications of ExpandComponent that intentionally do not
involve prior collapsing of results on the expand field, which can lead
to an NPE in expand component when expand.field (for matched docs) has
fewer unique values than the number of matched docs.

This commit refines the approach taken in SOLR-13877, which addressed
the same underlying issue.
2019-12-08 09:59:33 +05:30
ngomx 07e4d86207
SOLR-13818: Upgrade jackson to 2.10.0
Signed-off-by: Kevin Risden <krisden@apache.org>
2019-12-07 19:09:18 -05:00
Kevin Risden f9e15839bf
SOLR-13987: Admin UI should not rely on javascript eval()
* Removes `'unsafe-eval'` from CSP `script-src`
* Enables Angular CSP mode
* Removes `eval()` JSON parsing in `cloud.js`
* Removes `jstree` themes error

Signed-off-by: Kevin Risden <krisden@apache.org>
2019-12-07 16:40:04 -05:00
Kevin Risden 7c8635d600
SOLR-14028: Fix test permissions for TestSolrCLIRunExample
Signed-off-by: Kevin Risden <krisden@apache.org>
2019-12-07 16:32:11 -05:00
Munendra S N a1e51cd777 SOLR-11706: minor refactors
* rename stdDev, variance methods to reflect the functionality
* add util functions to compute corrected stdDev and variance
* use DocValuesIterator#advanceExact to check if values exists for the doc
2019-12-07 11:16:25 +05:30
Erick Erickson 7d5d44a3c4 SOLR-13988: Harden CreateCollectionCleanupTest. Incorporate Dawid Weiss' suggestion for windows 2019-12-06 19:10:27 -05:00
Mike 155ab116a2
Revert "SOLR-13990: Switch out woodstox-core-asl with aalto-xml and upgrade woodstox stax-2 API (#1050)" (#1063)
This reverts commit 2387bb9d60.
2019-12-06 17:08:40 -06:00
Jason Gerlowski 62e0222aef SOLR-13087: Remove 'whoami' usage in bin/solr
whoami displays a warning if the effective-uid is not in /etc/password.
This can happen in certain situations when running in a docker
container.  This replaces the 'whoami' usage with a safer check.
2019-12-06 15:31:37 -05:00
Dawid Weiss a7444f7af4 LUCENE-9077: Add support for running under gradle test runner. 2019-12-06 19:00:50 +01:00
Erick Erickson 106b9d6866 SOLR-13988: Harden CreateCollectionCleanupTest 2019-12-06 11:59:53 -05:00
Dawid Weiss 9ec8a86d69 LUCENE-9077: Add support for running under gradle test runner. 2019-12-06 16:31:32 +01:00
Kevin Risden dad933b933
SOLR-14001: fix HdfsBackupRepositoryTest on windows
Signed-off-by: Kevin Risden <krisden@apache.org>
2019-12-06 09:49:13 -05:00
Jan Høydahl 7417fa1cf3
SOLR-13954: Embedded ZooKeeper in Solr now does not try to load JettyAdminServer (#1059) 2019-12-06 11:03:23 +01:00
Robert Muir 33ca971d2b SOLR-14020: move hadoop hacks out of lucene TestSecurityManager into a solr one 2019-12-05 14:53:23 -05:00
Andrzej Bialecki d2b01ef28f SOLR-13831: Context property _loop_iter_ should be a string in order to support
variable expansion.
2019-12-05 18:27:12 +01:00
Anshum Gupta 2387bb9d60
SOLR-13990: Switch out woodstox-core-asl with aalto-xml and upgrade woodstox stax-2 API (#1050) 2019-12-05 18:37:53 +05:30
Robert Muir e77027dd8c SOLR-13993: sandbox velocity template render (if security manager is enabled)
The solr permissions are weak sauce due to the huge number of features, third-party dependencies, etc.

Hence they have access to do many things. For "scripting" such as velocity we have to look at a more aggressive stance:

Step 1: Can we wrap a sandbox around the whole goddamn thing and call it a day?
Step 2: Let's separate the "engine" from "untrusted code" and only be an asshole to the latter.
Step 3: Java's security is shit, Lets contain that classloader and whitelist access.
2019-12-05 01:06:38 -05:00
Munendra S N 12e8cca644 SOLR-11706: add support for aggregation on multivalued fields
* min, max, sum, sumsq, avg, stddev, variance, percentile aggregations
  in JSON facets now supports multivalued fields
2019-12-05 10:48:22 +05:30
Robert Muir c4126ef858 SOLR-14015: remove blanket filesystem read access from solr-tests.policy
Restrict this to only minimal paths like lucene. It is the defense for directory traversal attacks.
It will also help find bad bugs where things are reading filesystem in the wrong locations.
2019-12-04 23:16:19 -05:00
Andrzej Bialecki f71c2c8e92 SOLR-13981: Remove unused DistributedQueue interface. (Andras Salamon) 2019-12-04 11:23:49 +01:00
Ishan Chattopadhyaya 2096b1a52e Add back-compat indices for 8.3.1 2019-12-04 10:17:27 +05:30
Ishan Chattopadhyaya 98c427f48a Add bugfix version 8.3.1 2019-12-04 10:07:08 +05:30
Ishan Chattopadhyaya 3ee7a960b8 DOAP changes for release 8.3.1 2019-12-04 09:59:12 +05:30
Robert Muir 8f6921d47b SOLR-14001: fix HDFS jaas on 32bit, unix, old jdk, etc 2019-12-03 23:12:27 -05:00
Robert Muir becc16fb28 SOLR-14002: fix another static leak in test 2019-12-03 22:43:11 -05:00
Robert Muir 165529767b SOLR-14000: clean up more static field leaks in tests
On windows, these objects can't be inspected due to security restrictions. So the test runner fails the tests since it does not know how big the leak is.
2019-12-03 18:51:00 -05:00
Jeff 16f793915e SOLR-13926: javadocs on CompositeIdRouter
Closes #1009
2019-12-03 17:43:01 -05:00
Anshum Gupta 09df6647ac
SOLR-13998: Add thread safety annotations to classes (#1053) 2019-12-04 01:19:56 +05:30
David Smiley 323b214dc3 GitHub PR template: inform committers this can be removed 2019-12-03 12:23:30 -05:00
Dawid Weiss 0f61aa9516 Forbidden APIs: add missing root locale. 2019-12-03 13:07:23 +01:00
Dawid Weiss 6f0842eaa5 Use toLowerCase with an explicit locale in CheckLinksAndAnchors. 2019-12-03 13:01:43 +01:00
Robert Muir 9e5d11be8a fix static leaks, null stuff out in afterclass 2019-12-03 06:28:19 -05:00
Robert Muir c8c9c10023 SOLR-13982: set security-related http response headers by default
Unfortunately, as a first start this is very weak protection against
e.g. XSS.  This is because some 'unsafe-xxx' rules must be present due
to the insecurity of angular JS: Until SOLR-13987 is fixed, XSS & co are
still easy.
2019-12-03 06:12:33 -05:00
Adrien Grand 441abb8319 Fix CHANGES formatting. 2019-12-03 11:28:36 +01:00
noble a51c7b89f2 SOLR-13995: Move ZkShardTerms.Terms to SolrJ 2019-12-03 15:16:34 +11:00
Noble Paul d8f9f47ca0
SOLR-13992: Refactor code to have collection, shard name in Replica,Slice (#1051)
* SOLR-13992: Refactor code to have collection name shard name in Replica,Slice
2019-12-03 13:10:19 +11:00
Robert Muir aebf7f7a46 SOLR-13991: clean up permissions in solr-tests.policy AKA break all the tests to hell, please ping the issue for repeated test failures 2019-12-02 20:34:40 -05:00
Cassandra Targett de1c9fb9e8 SOLR-13885: various Ref Guide typos. This closes #990 2019-12-02 13:33:45 -06:00
Mikhail Khludnev eb3a4757ff LUCENE-9073: IntervalQuery expose field on toString and explain 2019-12-02 19:12:05 +03:00
Bruno Roustant 71f1bc33b3
LUCENE-9045: Do not use TreeMap/TreeSet in BlockTree and PerFieldPostingsFormat.
Closes #1007
2019-12-02 14:30:24 +01:00
Robert Muir 2cd4a8ac9a LUCENE-9076: give replicator its own policy rather than reusing solr policy 2019-12-02 06:55:02 -05:00
Robert Muir 1d238c844e SOLR-13986: remove execute permission from solr-tests.policy 2019-12-02 05:36:29 -05:00
Shalin Shekhar Mangar 5a697344ed SOLR-13805: NPE when calling /solr/admin/info/health on standalone solr 2019-11-30 10:04:00 +05:30
Jan Høydahl 936f4b6ee9 SOLR-13977: solr create -c not working under Windows 10 2019-11-29 01:22:06 +01:00