io.seata
seata-spring-boot-starter
diff --git a/changes/en-us/2.0.0.md b/changes/en-us/2.0.0.md
index e5004dd5dd3..fc8b106af16 100644
--- a/changes/en-us/2.0.0.md
+++ b/changes/en-us/2.0.0.md
@@ -149,6 +149,8 @@ The version is updated as follows:
- [[#5938](https://github.com/seata/seata/pull/5938)] support jmx port in seata
- [[#5951](https://github.com/seata/seata/pull/5951)] remove un support config in jdk17
- [[#5959](https://github.com/seata/seata/pull/5959)] modify code style and remove unused import
+- [[#6002](https://github.com/seata/seata/pull/6002)] remove fst serialization
+
### security:
- [[#5642](https://github.com/seata/seata/pull/5642)] add Hessian Serializer WhiteDenyList
diff --git a/changes/zh-cn/2.0.0.md b/changes/zh-cn/2.0.0.md
index 7255910102f..bb9c22850e2 100644
--- a/changes/zh-cn/2.0.0.md
+++ b/changes/zh-cn/2.0.0.md
@@ -150,6 +150,7 @@ Seata 是一款开源的分布式事务解决方案,提供高性能和简单
- [[#5938](https://github.com/seata/seata/pull/5938)] 支持 jmx 监控配置
- [[#5951](https://github.com/seata/seata/pull/5951)] 删除在 jdk17 中不支持的配置项
- [[#5959](https://github.com/seata/seata/pull/5959)] 修正代码风格问题及去除无用的类引用
+- [[#6002](https://github.com/seata/seata/pull/6002)] 移除fst序列化模块
### security:
diff --git a/core/src/main/java/io/seata/core/serializer/SerializerType.java b/core/src/main/java/io/seata/core/serializer/SerializerType.java
index b5f468f9e7f..292c0f042ac 100644
--- a/core/src/main/java/io/seata/core/serializer/SerializerType.java
+++ b/core/src/main/java/io/seata/core/serializer/SerializerType.java
@@ -44,7 +44,7 @@ public enum SerializerType {
KRYO((byte)0x4),
/**
- * The fst.
+ * The fst but it's been removed.
*
* Math.pow(2, 3)
*/
@@ -56,8 +56,9 @@ public enum SerializerType {
* Math.pow(2, 4)
*/
HESSIAN((byte)0x16),
+
/**
- * The hessian.
+ * The jackson.
*
* Math.pow(2, 5)
*/
@@ -82,6 +83,10 @@ public static SerializerType getByCode(int code) {
return b;
}
}
+ if (code == SerializerType.FST.getCode()) {
+ throw new IllegalArgumentException(
+ "Since fst is no longer maintained, this serialization extension has been removed from version 2.0 for security and stability reasons.");
+ }
throw new IllegalArgumentException("unknown codec:" + code);
}
diff --git a/dependencies/pom.xml b/dependencies/pom.xml
index 4b3378be038..8c557cc288d 100644
--- a/dependencies/pom.xml
+++ b/dependencies/pom.xml
@@ -78,7 +78,6 @@
5.4.0
0.45
4.0.63
- 2.57
2.4.4
1.5.0-4
1.4.20
@@ -561,11 +560,6 @@
hessian
${hessian.version}
-