Bump nacos-client from 2.1.2 to 2.2.2 #12069

dependabot · 2023-04-11T13:33:39Z

Bumps nacos-client from 2.1.2 to 2.2.2.

Release notes

2.2.2 (Apr 11, 2023)

Nacos recently released versions 2.2.0.1 and 2.2.1, which have made major changes to the default authentication plugin to remove the some default values of authentication plugin. For details, see Risk Description and 2.2.1 release.

But Nacos default console ui relies on token.secret.key by default, after removing the default value of token.secret.key, many new users who use the latest version image by default have a large number of startup failures. The situation has a great impact on the usability of users.

Therefore, version 2.2.2 is mainly optimized for this problem.

Enhancement&Refactor

#10153 Close console login page when auth.enabled is false. #10276 Default close openssl for client.

BugFix

#10208 Remove DefaultSettingPropertySource.java.

2.2.1 (Mar 17th, 2023)

This version is mainly Specially, Remove default value of token.secret.key and server.identity. Detail see: announcement.

And this version upgrade many dependencies such as spring-boot, Grpc, jraft and so on.

What's more, This version add a beta feature, make the grpc request support TLS, and fix some bugs and enhance some usage problems.

Detail see:

feature

#9276 Add search config by content. #9703 add catalog v2 API to support list instances which is un-enabled. #9710 Support prometheus-sd basic auth. #9888 Beta support Grpc TLS feature. #10062 Naming support aliyun STS auth.

Enhancement&Refactor

#9510 Add sql log print function. #9646 Replace concatenated strings with placeholders. #9708 Clean expired and invalid connections for HTTP client. #9783 Handle public namespaceId as default namespaceId for publish and query config for V2 http api. #9837 Enhance Grpc connected time when cluster started to load snapshot quickly. #9859 Refactor default auth plugin, use custom JWT instead of jjwt. #9860 Adapt logback 1.4.5 by SPI. #9885 Add prometheus api exception handling. #9949 Use Grpc replace all Http request between servers. #9951 Judge the message whether null for metadata processor. #10084 Client use Async appender to print log. #10108 Remove identity default value.

BugFix

#9621 Fix Config Client server check always up problem. #9728 Fix prometheus http sd only return public namespace problem. #9732 Fix namespace v2 api auth not work problem. #9734 Fix http login url without default port problem. #9795 Fix export config failure problem for non admin user after opening auth.

... (truncated)

Commits

d2e16a3 Fix dynamic change token to illegal value will use old token.
50d313b 取消默认openssl (#10276)
6c4c41c Upgrade to 2.2.2
9539087 Don't stopping startup for illegal token.secret.key when auth.enabled is fals...
e31f830 Don't stopping startup for illegal token.secret.key when auth.enabled is fals...
0f43ea9 Build console main.js. (#10264)
9162c51 [fix]🐛nacos login page && notice config (#10262)
3b0fda2 [ISSUE#10153] Add auth state into /state api and add announcement api. (#10203)
285d39a [ISSUE#10208] Remove DefaultSettingPropertySource.java and add some unit test...
cb0422e Merge pull request #10126 from alibaba/develop
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [nacos-client](https://github.com/alibaba/nacos) from 2.1.2 to 2.2.2. - [Release notes](https://github.com/alibaba/nacos/releases) - [Changelog](https://github.com/alibaba/nacos/blob/develop/CHANGELOG.md) - [Commits](alibaba/nacos@2.1.2...2.2.2) --- updated-dependencies: - dependency-name: com.alibaba.nacos:nacos-client dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

codecov-commenter · 2023-04-20T09:05:11Z

Codecov Report

Merging #12069 (a2358e5) into 3.2 (2a86ae7) will decrease coverage by 2.23%.
The diff coverage is n/a.

@@             Coverage Diff              @@
##                3.2   #12069      +/-   ##
============================================
- Coverage     69.78%   67.56%   -2.23%     
+ Complexity      340        2     -338     
============================================
  Files          3397     1726    -1671     
  Lines        159184    69134   -90050     
  Branches      26531     9940   -16591     
============================================
- Hits         111086    46710   -64376     
+ Misses        38436    17997   -20439     
+ Partials       9662     4427    -5235

see 1992 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more