Commit Graph

2014 Commits

Author SHA1 Message Date
Andriy Redko d8a1ba6912
[CVE-2020-36518] Update jackson-databind to 2.13.2.2 (#2599)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2022-03-29 12:24:37 -04:00
Andriy Redko 223efe68e6
Update Gradle to 7.4.1 (#2078)
* Update Gradle to 7.4.1

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>

* Address code review comments, added @PathSensitive(PathSensitivity.RELATIVE) where applicable

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2022-03-29 12:23:08 -04:00
dependabot[bot] 8f4aec109d
Bump forbiddenapis in /buildSrc/src/testKit/thirdPartyAudit (#2611)
Bumps [forbiddenapis](https://github.com/policeman-tools/forbidden-apis) from 3.2 to 3.3.
- [Release notes](https://github.com/policeman-tools/forbidden-apis/releases)
- [Commits](https://github.com/policeman-tools/forbidden-apis/compare/3.2...3.3)

---
updated-dependencies:
- dependency-name: de.thetaphi:forbiddenapis
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-28 13:13:49 -07:00
dependabot[bot] dd79352baa
Bump json-schema-validator from 1.0.67 to 1.0.68 in /buildSrc (#2610)
Bumps [json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.0.67 to 1.0.68.
- [Release notes](https://github.com/networknt/json-schema-validator/releases)
- [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md)
- [Commits](https://github.com/networknt/json-schema-validator/compare/1.0.67...1.0.68)

---
updated-dependencies:
- dependency-name: com.networknt:json-schema-validator
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-28 12:40:23 -05:00
Andriy Redko d4ce87bddc
Fix build-tools/reaper source/target compatibility to be JDK-11 (#2596)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2022-03-25 17:53:16 -04:00
Nick Knize db7f4b0848
[Upgrade] Lucene 9.1 release (#2560)
Upgrades to the official 9.1 release

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2022-03-23 07:26:18 -05:00
Peter Nied d43235c5cf
Move Jackson-databind to 2.13.2 (#2548)
Resolves CVE-2020-36518

Signed-off-by: Peter Nied <petern@amazon.com>
2022-03-21 18:44:13 -05:00
dependabot[bot] a9932058cd
Bump wiremock-jre8-standalone from 2.23.2 to 2.32.0 in /buildSrc (#2525)
Bumps [wiremock-jre8-standalone](https://github.com/wiremock/wiremock) from 2.23.2 to 2.32.0.
- [Release notes](https://github.com/wiremock/wiremock/releases)
- [Commits](https://github.com/wiremock/wiremock/compare/2.23.2...2.32.0)

---
updated-dependencies:
- dependency-name: com.github.tomakehurst:wiremock-jre8-standalone
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-21 17:51:16 -04:00
dependabot[bot] 84cba7b0f6
Bump jna from 5.5.0 to 5.10.0 in /buildSrc (#2512)
Bumps [jna](https://github.com/java-native-access/jna) from 5.5.0 to 5.10.0.
- [Release notes](https://github.com/java-native-access/jna/releases)
- [Changelog](https://github.com/java-native-access/jna/blob/master/CHANGES.md)
- [Commits](https://github.com/java-native-access/jna/compare/5.5.0...5.10.0)

---
updated-dependencies:
- dependency-name: net.java.dev.jna:jna
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-19 14:47:56 -07:00
Tianli Feng 19eadb46ba
Deprecate setting 'cluster.initial_master_nodes' and introduce the alternative setting 'cluster.initial_cluster_manager_nodes' (#2463)
* Deprecate setting cluster.initial_master_nodes, and add setting cluster.initial_cluster_manager_nodes

Signed-off-by: Tianli Feng <ftianli@amazon.com>
2022-03-18 14:55:49 -07:00
dependabot[bot] 9c4d7d92b3
Bump json-schema-validator from 1.0.36 to 1.0.67 in /buildSrc (#2454)
Bumps [json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.0.36 to 1.0.67.
- [Release notes](https://github.com/networknt/json-schema-validator/releases)
- [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md)
- [Commits](https://github.com/networknt/json-schema-validator/compare/1.0.36...1.0.67)

---
updated-dependencies:
- dependency-name: com.networknt:json-schema-validator
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-18 12:18:07 -07:00
Nick Knize e0ebf40964
[Upgrade] ICU4j from 68.2 to 70.1 (#2504)
Upgrade ICU4j to 70.1 to be consistent with Lucene 9.1 dependency.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2022-03-18 11:28:48 -05:00
Nick Knize 05a5819243
[Upgrade] Lucene 9.1.0-snapshot-ea989fe8f30 (#2487)
* [Upgrade] Lucene 9.1.0-snapshot-ea989fe8f30

Upgrades from Lucene 9.0.0 to 9.1.0-snapshot-ea989fe8f30 in preparation for
9.1.0 GA.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>

* Add spanishplural token filter

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>

* fix KNOWN_TOKENIZERS

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2022-03-16 15:47:25 -04:00
Rishikesh Pasham 10b9986e12
Override Default Distribution Download Url with Custom Distribution Url when it is passed from Plugin (#2420)
* Override default Distribution Download URL with custom Distribution URL

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>

* Accidently made commit to main branch, this revives it.Override default Distribution Download URL with custom Distribution URL

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>

* Override Default DistributionDownloadUrl with customDistribution Url passed from Plugins

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>
2022-03-15 14:01:28 -07:00
Nick Knize 006c832c5f
[Upgrade] Lucene 9.0.0 release (#1109)
This commit upgrades the core codebase from Lucene 8.10.1 to
lucene 9.0.0. It includes all necessary refactoring of features and
API changes when upgrading to a new major Lucene release.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
Co-authored-by: Andriy Redko <drreta@gmail.com>
2022-03-15 15:48:13 -05:00
Nick Knize 5a9a11416d
[Remove] TrimUnsafeCommit logic for legacy 6.x indexes (#2225)
* [Remove] TrimUnsafeCommit logic for legacy 6.x indexes

Multiple txlog commits was introduced in legacy 7.x. Legacy 6.x indexes could
therefore not have a safe commit. Since OpenSearch 2.0 is no longer compatible
with legacy 6.x indexes, the logic to trim these unsafe commits is safely
removed.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>

* fix assertion typo

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>

* rebase and incorporate pr feedback

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2022-03-09 10:50:05 -08:00
Daniel Doubrovkine (dB.) 044f53630a
Set target and source compatibility to 11, required by Lucene 9. (#2407)
* Set target and source compatibility to 11, required by Lucene 9.

Signed-off-by: dblock <dblock@dblock.org>

* Uncomment commented code in #2321 for killing child processes that uses JDK9+ ProcessInfo.

Signed-off-by: dblock <dblock@dblock.org>

* Set distribution checker target JDK compatibility to 11.

Signed-off-by: dblock <dblock@dblock.org>

* Supress processing warnings.

Signed-off-by: dblock <dblock@dblock.org>
2022-03-08 14:48:51 -05:00
dependabot[bot] 3e9031f283
Bump gradle-extra-configurations-plugin from 3.0.3 to 7.0.0 in /buildSrc (#2386)
Bumps [gradle-extra-configurations-plugin](https://github.com/nebula-plugins/gradle-extra-configurations-plugin) from 3.0.3 to 7.0.0.
- [Release notes](https://github.com/nebula-plugins/gradle-extra-configurations-plugin/releases)
- [Changelog](https://github.com/nebula-plugins/gradle-extra-configurations-plugin/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nebula-plugins/gradle-extra-configurations-plugin/compare/v3.0.3...v7.0.0)

---
updated-dependencies:
- dependency-name: com.netflix.nebula:gradle-extra-configurations-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 11:47:37 -05:00
Andriy Redko ae52008463
Fixing the --release flag usage for javac (#2343) (#2352)
* Fixing the --release flag usage for javac (#2343)

* Fixing the --release flag usage for javac

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>

* Fixing the --html5 flag usage for javadoc

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>

* Fix java-version-checker source/target compatibility settings (#2354)

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2022-03-04 17:44:52 -05:00
Daniel Doubrovkine (dB.) ae14259a2c
Restore Java 8 compatibility for build tools. (#2300) (#2321)
* Restore Java 8 compatibility for build tools.

Signed-off-by: dblock <dblock@dblock.org>

* Make source code compatible with Java 8.

Signed-off-by: dblock <dblock@dblock.org>
2022-03-03 14:34:53 -06:00
dependabot[bot] cb57b9202b
Bump log4j-core in /buildSrc/src/testKit/thirdPartyAudit/sample_jars (#2281)
Bumps log4j-core from 2.17.1 to 2.17.2.

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-03 14:23:47 -05:00
dependabot[bot] f6264a9044
Bump spock-core from 2.0-groovy-3.0 to 2.1-groovy-3.0 in /buildSrc (#2270)
Bumps spock-core from 2.0-groovy-3.0 to 2.1-groovy-3.0.

---
updated-dependencies:
- dependency-name: org.spockframework:spock-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-28 10:41:18 -08:00
Rishikesh Pasham 494c7bc436
Revert "Override Default Distribution Download Url with Custom Distribution Url When User Passes a Url" (#2256)
* Override default Distribution Download URL with custom Distribution URL

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>

* Accidently made commit to main branch, this revives it.Override default Distribution Download URL with custom Distribution URL

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>

* Revert Override Default Distribution Download Url with Custom Distribution Url When User Passes a Url

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>
2022-02-24 19:39:43 -08:00
dependabot[bot] 788ba99915
Bump forbiddenapis from 2.7 to 3.2 in /buildSrc/src/testKit/thirdPartyAudit (#2185)
* Bump forbiddenapis in /buildSrc/src/testKit/thirdPartyAudit

Bumps [forbiddenapis](https://github.com/policeman-tools/forbidden-apis) from 2.7 to 3.2.
- [Release notes](https://github.com/policeman-tools/forbidden-apis/releases)
- [Commits](https://github.com/policeman-tools/forbidden-apis/compare/2.7...3.2)

---
updated-dependencies:
- dependency-name: de.thetaphi:forbiddenapis
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fixing failing check

Signed-off-by: Vacha Shah <vachshah@amazon.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Vacha Shah <vachshah@amazon.com>
2022-02-24 11:27:44 -08:00
dependabot[bot] 3251a2a872
Bump commons-codec from 1.13 to 1.15 in /buildSrc (#2188)
Bumps [commons-codec](https://github.com/apache/commons-codec) from 1.13 to 1.15.
- [Release notes](https://github.com/apache/commons-codec/releases)
- [Changelog](https://github.com/apache/commons-codec/blob/rel/commons-codec-1.15/RELEASE-NOTES.txt)
- [Commits](https://github.com/apache/commons-codec/compare/commons-codec-1.13...rel/commons-codec-1.15)

---
updated-dependencies:
- dependency-name: commons-codec:commons-codec
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-21 12:39:02 -08:00
dependabot[bot] 5b3b98466a
Bump junit in /buildSrc/src/testKit/testingConventions (#2116)
Bumps [junit](https://github.com/junit-team/junit4) from 4.13.1 to 4.13.2.
- [Release notes](https://github.com/junit-team/junit4/releases)
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.1.md)
- [Commits](https://github.com/junit-team/junit4/compare/r4.13.1...r4.13.2)

---
updated-dependencies:
- dependency-name: junit:junit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-18 15:28:13 -08:00
dependabot[bot] be5b351a9b
Bump log4j-core in /buildSrc/src/testKit/thirdPartyAudit/sample_jars (#2131)
Bumps log4j-core from 2.11.1 to 2.17.1.

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-18 15:26:37 -08:00
Rishikesh Pasham 4a6f54bdeb
Override Default Distribution Download Url with Custom Distribution Url When User Passes a Url (#2086)
* Override Default Distribution Download Url with Custom Distribution Url When User Passes a Url

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>

* Adding test to check if correct IVY repos were added

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>

* Adding another test case when custom url is not passed and documenting usage of this in Developer Guide

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>

* Adding TOC and making changes in DEVELOPER_GUIDE

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>

* Making changes in DEVELOPER_GUIDE about Distribution Download plugin

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>
2022-02-18 14:17:07 -05:00
dependabot[bot] 4432ce2a57
Bump forbiddenapis from 3.0 to 3.2 in /buildSrc (#2113)
Bumps forbiddenapis from 3.0 to 3.2.

---
updated-dependencies:
- dependency-name: de.thetaphi:forbiddenapis
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-18 10:24:35 -08:00
dependabot[bot] 9689a27b63
Bump com.diffplug.spotless from 5.6.1 to 6.2.0 (#1919)
* Bump com.diffplug.spotless from 5.6.1 to 6.2.0

Bumps com.diffplug.spotless from 5.6.1 to 6.2.0.

---
updated-dependencies:
- dependency-name: com.diffplug.spotless
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* spotlessApply

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Nicholas Walter Knize <nknize@apache.org>
2022-02-16 22:08:40 -08:00
Martin Gaievski 309397520c
Adding support for JDK17 and removing JDK8 (#2025)
* Adding support for JDK17 and removing JDK8

Signed-off-by: Martin Gaievski <gaievski@amazon.com>

* Merge overlaping PR, bumping min java version to 11

Signed-off-by: Martin Gaievski <gaievski@amazon.com>

* Removing references to JDK8 from dev guide

Signed-off-by: Martin Gaievski <gaievski@amazon.com>
2022-02-02 20:59:10 -05:00
Leonidas Spyropoulos 6da253b8ff
build: introduce support for reproducible builds (#1995)
Reproducible builds is an initiative to create an independently-verifiable path from source to binary code [1]. This can be done by:
- Make all archive tasks in gradle reproducible by ignoring timestamp on files [2]
- Preserve the order in side the archives [2]
- Ensure GlobalBuildInfoPlugin.java use [SOURCE_DATE_EPOCH] when available

[SOURCE_DATE_EPOCH]: https://reproducible-builds.org/docs/source-date-epoch/
[1]: https://reproducible-builds.org/
[2]: https://docs.gradle.org/current/userguide/working_with_files.html#sec:reproducible_archives

Signed-off-by: Leonidas Spyropoulos <artafinde@gmail.com>
2022-02-02 09:13:54 -06:00
Sarat Vemulapalli 1f9517c4ca
Upgrading Shadow plugin to 7.1.2 (#2033)
Shadow plugin is used for publishing jars
and this upgrades Log4J dependency for build.

Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com>
2022-02-02 08:51:23 -06:00
Andriy Redko 00416dc428
Update bundled JDK distribution to 17.0.2+8 (#2007)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2022-01-28 09:52:56 -08:00
Rishikesh Pasham 1568407c36
Upgrading Jackson-Databind version (#1982)
* Upgrading Jackson-Databind version

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>

* Adding jackson-databind version using getProperty method

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>
2022-01-26 20:44:22 -08:00
Andriy Redko 1018b9c8dc
Update Mockito to 4.3.1 (#1973)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2022-01-26 14:53:41 -06:00
ankitkala 56ae7fab63
Add hook to execute logic before Integ test task starts (#1969)
Signed-off-by: Ankit Kala <ankikala@amazon.com>
2022-01-25 14:47:45 +05:30
Andriy Redko 32f2189686
Update Netty to 4.1.73.Final (#1936)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2022-01-18 16:30:18 -08:00
Rabi Panda 8fbd8cd998
Fix verifyVersions gradle task and cleanup bwcVersions (#1878)
Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2022-01-11 09:19:51 -05:00
Andriy Redko c192ecdfec
Attempt to fix :test:fixtures:s3-fixture:composeUp fails due to HTTP connection issue (#1866)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2022-01-10 17:34:52 -06:00
Ashish Agrawal 0b2eba568d
Update junit to 4.13.1 (#1837)
* Update junit to 4.13.1

Signed-off-by: Ashish Agrawal <ashisagr@amazon.com>

* update junit to 4.13.2

Signed-off-by: Ashish Agrawal <ashisagr@amazon.com>

* update SHA1 file

Signed-off-by: Ashish Agrawal <ashisagr@amazon.com>
2022-01-04 08:27:19 -05:00
Andriy Redko 385b268bc0
Update Mockito to 4.2.x (#1830)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2022-01-03 12:00:45 -05:00
Sarat Vemulapalli db91d2efe9
Upgrading bouncycastle to 1.70 (#1832) 2022-01-03 07:35:38 -05:00
Sarat Vemulapalli 7a97018a92
Updatting Netty to 4.1.72.Final (#1831) 2022-01-03 07:30:52 -05:00
Andriy Redko 65804d25a6
Update to log4j 2.17.1 (#1820)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2021-12-28 17:06:42 -05:00
Andriy Redko 65813b8320
RestIntegTestTask fails because of missed log4j-core dependency (#1815)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2021-12-28 14:51:25 -05:00
Andrew Ross ca40ba9c64
Ignore file order in test assertion (#1755)
This unit test asserts that a SHA file for a groovy dependency gets
created. However, a SHA file for javaparser-core also gets created in
the same directory. For some reason, builds were failing on my machine
because `Files::list` was returning the javaparser-core file first. I
don't believe there are any ordering guarantees with that API, so I
relaxed the assertion to not depend on ordering.

Signed-off-by: Andrew Ross <andrross@amazon.com>
2021-12-20 13:58:05 -05:00
Andriy Redko ca27c8fd4f
Update to log4j 2.17.0 (#1771) 2021-12-18 09:36:59 -08:00
Andriy Redko 6db435412b
Upgrade to log4j 2.16.0 (#1721)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2021-12-14 07:34:45 -05:00
Andrew Ross 309649ce8a
Upgrade to logj4 2.15.0 (#1698)
Signed-off-by: Andrew Ross <andrross@amazon.com>
2021-12-10 13:03:41 -08:00