Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency org.springframework.amqp:spring-rabbit to v3 #10

Open
wants to merge 1 commit into
base: vp-rem
Choose a base branch
from
Open

Update dependency org.springframework.amqp:spring-rabbit to v3 #10

wants to merge 1 commit into from

Conversation

mend-for-jackfan.us.kg[bot]
Copy link

@mend-for-jackfan.us.kg mend-for-jackfan.us.kg bot commented Feb 14, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change
org.springframework.amqp:spring-rabbit compile major 1.7.1.RELEASE -> 3.1.0

By merging this PR, the issue #24 will be automatically resolved and closed:

Severity CVSS Score CVE
Critical Critical 10.0 CVE-2018-14721
Critical Critical 9.8 CVE-2017-15095
Critical Critical 9.8 CVE-2017-17485
Critical Critical 9.8 CVE-2017-7525
Critical Critical 9.8 CVE-2018-11307
Critical Critical 9.8 CVE-2018-14718
Critical Critical 9.8 CVE-2018-14719
Critical Critical 9.8 CVE-2018-14720
Critical Critical 9.8 CVE-2018-19360
Critical Critical 9.8 CVE-2018-19361
Critical Critical 9.8 CVE-2018-19362
Critical Critical 9.8 CVE-2018-7489
Critical Critical 9.8 CVE-2019-10202
Critical Critical 9.8 CVE-2019-14379
Critical Critical 9.8 CVE-2019-14540
Critical Critical 9.8 CVE-2019-14892
Critical Critical 9.8 CVE-2019-14893
Critical Critical 9.8 CVE-2019-16335
Critical Critical 9.8 CVE-2019-16942
Critical Critical 9.8 CVE-2019-16943
Critical Critical 9.8 CVE-2019-17267
Critical Critical 9.8 CVE-2019-17531
Critical Critical 9.8 CVE-2019-20330
Critical Critical 9.8 CVE-2020-8840
Critical Critical 9.8 CVE-2020-9546
Critical Critical 9.8 CVE-2020-9547
Critical Critical 9.8 CVE-2020-9548
High High 8.8 CVE-2020-10672
High High 8.8 CVE-2020-10673
High High 8.8 CVE-2020-10968
High High 8.8 CVE-2020-10969
High High 8.8 CVE-2020-11111
High High 8.8 CVE-2020-11112
High High 8.8 CVE-2020-11113
High High 8.1 CVE-2018-5968
High High 8.1 CVE-2020-10650
High High 8.1 CVE-2020-11619
High High 8.1 CVE-2020-11620
High High 8.1 CVE-2020-14060
High High 8.1 CVE-2020-14061
High High 8.1 CVE-2020-14062
High High 8.1 CVE-2020-14195
High High 8.1 CVE-2020-24616
High High 8.1 CVE-2020-24750
High High 8.1 CVE-2020-36179
High High 8.1 CVE-2020-36180
High High 8.1 CVE-2020-36181
High High 8.1 CVE-2020-36182
High High 8.1 CVE-2020-36183
High High 8.1 CVE-2020-36184
High High 8.1 CVE-2020-36185
High High 8.1 CVE-2020-36186
High High 8.1 CVE-2020-36187
High High 8.1 CVE-2020-36188
High High 8.1 CVE-2020-36189
High High 8.1 CVE-2021-20190
High High 7.5 CVE-2018-12022
High High 7.5 CVE-2018-12023
High High 7.5 CVE-2019-12086
High High 7.5 CVE-2019-14439
High High 7.5 CVE-2020-36518
High High 7.5 CVE-2022-42003
High High 7.5 CVE-2022-42004
High High 7.5 WS-2022-0468
Medium Medium 6.5 CVE-2018-1257
Medium Medium 6.5 CVE-2022-22971
Medium Medium 6.5 WS-2019-0379
Medium Medium 5.9 CVE-2019-12384
Medium Medium 5.9 CVE-2019-12814
Medium Medium 5.3 CVE-2020-13956
Medium Medium 5.3 WS-2017-3734
Medium Medium 5.0 CVE-2023-34050
Medium Medium 4.9 CVE-2023-46120

Release Notes

spring-projects/spring-amqp (org.springframework.amqp:spring-rabbit)

v3.1.0

Compare Source

🐞 Bug Fixes

  • Stream/Queue size in bytes (x-max-length-bytes) #​2552
  • Fix Super Stream Example in Docs #​2546

🔨 Dependency Upgrades

🔨 Tasks

  • Unable to connect to RabbitMQ Stream #​2522

External Links

v3.0.14

Compare Source

🐞 Bug Fixes

  • Mitigate channel leak in the CachingConnectionFactory when connection is closed from the borker #​2716

🔨 Dependency Upgrades

  • Bump com.gradle.develocity from 3.17.3 to 3.17.4 #​2707
  • Bump org.springframework.retry:spring-retry from 2.0.5 to 2.0.6 #​2706
  • Bump io.projectreactor:reactor-bom from 2022.0.18 to 2022.0.19 #​2705
  • Bump com.gradle.develocity from 3.17.2 to 3.17.3 #​2703
  • Bump org.testcontainers:testcontainers-bom from 1.19.7 to 1.19.8 #​2702
  • Bump com.github.luben:zstd-jni from 1.5.6-2 to 1.5.6-3 #​2691

v3.0.13

Compare Source

🐞 Bug Fixes

  • Memory leak with AsyncRabbitTemplate #​2678
  • DefaultMessagePropertiesConverter#toMessageProperties should handle x-delay in Short #​2668

🔨 Dependency Upgrades

  • Bump io.projectreactor:reactor-bom from 2022.0.17 to 2022.0.18 #​2686
  • Bump com.github.luben:zstd-jni from 1.5.6-1 to 1.5.6-2 #​2674

v3.0.12

Compare Source

🐞 Bug Fixes

  • Channel cache leak when no answers from broker for pending confirms #​2641
  • Kotlin suspend functions return type is incorrect #​2639

🔨 Dependency Upgrades

  • Bump io.projectreactor:reactor-bom from 2022.0.16 to 2022.0.17 #​2664
  • Bump org.testcontainers:testcontainers-bom from 1.19.6 to 1.19.7 #​2650
  • Bump org.testcontainers:testcontainers-bom from 1.19.5 to 1.19.6 #​2636

v3.0.11

Compare Source

🐞 Bug Fixes

  • Wrong ClassLoader is used for message deserialization when devtools are active #​2610
  • The SimpleMessageListenerContainer does not shutdown properly #​2594
  • CachingConnectionFactory leaks channels during connection resets when used in a SimpleMessageContainer #​2569
  • Fix Super Stream Example in Docs #​2548

🔨 Dependency Upgrades

  • Bump org.springframework.data:spring-data-bom from 2022.0.11 to 2022.0.12 #​2634
  • Bump kotlinVersion from 1.7.21 to 1.7.22 #​2633
  • Bump io.micrometer:micrometer-bom from 1.10.12 to 1.10.13 #​2632
  • Bump org.springframework.retry:spring-retry from 2.0.4 to 2.0.5 #​2631
  • Bump io.micrometer:micrometer-tracing-bom from 1.0.11 to 1.0.12 #​2630
  • Bump ch.qos.logback:logback-classic from 1.4.4 to 1.4.14 #​2629
  • Bump io.projectreactor:reactor-bom from 2022.0.12 to 2022.0.16 #​2628
  • Bump org.testcontainers:testcontainers-bom from 1.19.2 to 1.19.5 #​2627
  • Bump org.junit:junit-bom from 5.9.2 to 5.9.3 #​2626

v3.0.10

Compare Source

🐞 Bug Fixes

  • Ignore Kotlin Continuation Parameter While Inferring Conversion Type #​2533

🔨 Dependency Upgrades

  • Upgrade Spring Framework, Data, Retry, Reactor, Micrometer Versions #​2544

External Links

v3.0.9

Compare Source

🔨 Dependency Upgrades

  • Upgrade Spring, Data, Retry, Reactor, Micrometer, Jackson Versions #​2525

🔨 Tasks

  • Output of asciidoctorPdf can be pulled from cache when run on machines with different checkout directories #​2520

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​erichaagdev

External Links

v3.0.8

Compare Source

⭐ New Features

  • Clear Deferred Channel Close Executor #​2508
  • Add maxInboundMessageSize to RabbitConnectionFactoryBean #​2497
  • Add forceStop to Container Factories #​2492

🐞 Bug Fixes

  • Regression: ApplicationContext.stop() Hangs for 30s When Inactive Container(s) Present #​2513
  • Redeclaration of manually declared objects fail if objects with different types have the same name #​2501

🔨 Dependency Upgrades

  • Upgrade Reactor Version to 2020.0.35 #​2514

External Links

v3.0.7

Compare Source

⭐ New Features

  • Add forceStop to Container Factories #​2490

🐞 Bug Fixes

  • Spring AMQP artifacts have not published associated .module files needed by Gradle. #​2493

External Links

v3.0.6

Compare Source

🐞 Bug Fixes

  • Ensure Strict Ordering with Single Active and Exclusive Consumers #​2482

🔨 Dependency Upgrades

  • Upgrade Spring Framework, Data, Micrometer, Reactor Versions #​2489
  • Upgrade amqp-client Version #​2485

External Links

v3.0.5

Compare Source

⭐ New Features

  • Add Observation to Stream Components #​2467
  • Invoke RabbitListenerErrorHandler with Async Return Types #​2461
  • Add Kotlin Coroutine support #​1210

🐞 Bug Fixes

  • AmqpException when testing @RabbitListener with @RabbitHandler #​2456
  • setRedeclareManualDeclarations not honoured if no queue beans declared #​2452
  • If there is no regular AMQP activity in the application, the RabbitAdmin does not declare Rabbit entities #​2451

📔 Documentation

  • Improve Docs for Choosing a Connection Factory #​2473
  • Adding SSL configuration through RabbitConnectionFactoryBean approach into the documentation #​2472
  • Fix typo in stream.adoc #​2466
  • Aligned client connection order reference. #​2459

🔨 Dependency Upgrades

  • Upgrade Spring Framework, Data, Retry, Micrometer, Reactor Versions #​2477

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​dlehammer and @​making

External Links

v3.0.4

Compare Source

⭐ New Features

🐞 Bug Fixes

  • Spring amqp doesnt support more than 1 server-named/anonymous queues #​2439
  • Missing @RabbitHandler method triggers an infinite retry loop #​2437
  • AMLC.redeclareElementsIfNecessary does not take into account Declarables #​2432

📔 Documentation

  • Document CorrelationData.getReturned() #​2447
  • Consider to add Rabbit Stream auto-creation hook #​2445
  • Document "send and receive" methods return value after a timeout #​1410

🔨 Dependency Upgrades

  • Upgrade Spring Framework, Data, Micrometer, Reactor, JUnit Versions #​2450

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​EldarErel

External Links

v3.0.3

Compare Source

🐞 Bug Fixes

  • NPE in AbstractConnectionFactory that causes connection listeners to be skipped #​2425

🔨 Dependency Upgrades

  • Upgrade Micrometer, Reactor, Spring Versions #​2433

External Links

v3.0.2

Compare Source

🐞 Bug Fixes

  • Run callback for shutdown also when container is already shut down #​1562

📔 Documentation

🔨 Dependency Upgrades

  • Upgrade Jackson, Micrometer, Reactor, Spring Data, Spring Framework Versions #​2422

🔨 Tasks

  • Irrelevant values in CachingConnectionFactory#toString #​1560

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​GonMMarques and @​timbq

External Links

v3.0.1

Compare Source

🐞 Bug Fixes

📔 Documentation

  • Fix typo in amqp.adoc #​1547
  • Fix Documentation For Containers with Zero Queues #​1541
  • Missing Javadocs for MessageProperties.expiration #​1539

🔨 Dependency Upgrades

  • Upgrade Spring, Micrometer, Reactor Versions #​1556

🔨 Tasks

  • Fix Testcontainer Tests With No Docker Running #​1552
  • AMQP-52:Remove Obsolete MessageProperties Comments #​1546

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​GonMMarques

External Links

v3.0.0

Compare Source

⭐ New Features

  • Add ability to set consumer priority with AmqpTemplate #​1533
  • Fix type pollution RabbitListenerAnnotationBeanPostProcessor #​1528
  • add support for the configuration of multiple ContainerCustomizer at a time #​1517
  • Flooding of 'Failed to check/redeclare auto-delete queue(s)' error messages #​1477
  • Set replyPostProcessor default value from the message container factory #​1425
  • Improve Extensibility of RepublishMessageRecoverer #​1382

🐞 Bug Fixes

  • Transactional channel is always closed after commit when using ThreadChannelConnectionFactory as publisher #​1524

📔 Documentation

🔨 Dependency Upgrades

  • Spring Data 2022.0.0, Framework 6.0.0, Retry 2.0.0 #​1538
  • Hibernate Validation 8.0.0-final, Micrometer 1.10.1, Mockito 4.8.1, Reactor 2022.0.0, TestContainers 1.17.6 #​1537

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​GonMMarques

v2.4.17

Compare Source

⭐ New Features

🐞 Bug Fixes

  • Ignore Kotlin Continuation Parameter While Inferring Conversion Type #​2534

🔨 Dependency Upgrades

External Links

v2.4.16

Compare Source

⭐ New Features

🔨 Dependency Upgrades

  • Upgrade Spring Framework, Reactor Versions #​2524

External Links

v2.4.15

Compare Source

⭐ New Features

  • Clear Deferred Channel Close Executor #​2508
  • Add maxInboundMessageSize to RabbitConnectionFactoryBean #​2497
  • Add forceStop to Container Factories #​2492

🐞 Bug Fixes

  • Regression: ApplicationContext.stop() Hangs for 30s When Inactive Container(s) Present #​2513
  • Redeclaration of manually declared objects fail if objects with different types have the same name #​2501

🔨 Dependency Upgrades

  • Upgrade Reactor Version to 2020.0.35 #​2514

External Links

v2.4.14

Compare Source

🐞 Bug Fixes

  • Ensure Strict Ordering with Single Active and Exclusive Consumers #​2484

🔨 Dependency Upgrades

  • Upgrade Spring Framework, Reactor Versions #​2488
  • Upgrade amqp-client Version #​2486

External Links

v2.4.13

Compare Source

🐞 Bug Fixes

  • If there is no regular AMQP activity in the application, the RabbitAdmin does not declare Rabbit entities #​2464
  • AmqpException when testing @RabbitListener with @RabbitHandler #​2458
  • setRedeclareManualDeclarations not honoured if no queue beans declared #​2454

🔨 Dependency Upgrades

  • Upgrade Spring Framework, Reactor Versions #​2476

External Links

v2.4.12

Compare Source

⭐ New Features

🐞 Bug Fixes

  • Missing @RabbitHandler method triggers an infinite retry loop #​2444
  • Spring amqp doesnt support more than 1 server-named/anonymous queues #​2442
  • AMLC.redeclareElementsIfNecessary does not take into account Declarables #​2435

🔨 Dependency Upgrades

  • Upgrade Spring Framework, Reactor, CommonsHttp #​2449

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​EldarErel

External Links

v2.4.11

Compare Source

🐞 Bug Fixes

  • NPE in AbstractConnectionFactory that causes connection listeners to be skipped #​2427

🔨 Dependency Upgrades

  • Upgrade Spring Framework to 5.3.26 #​2431

External Links

v2.4.10

Compare Source

🐞 Bug Fixes

  • GH-1561: SimpleMessageListenerContainer: Delayed shutdown because callback is not run #​1563

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​timbq

External Links

v2.4.9

Compare Source

🐞 Bug Fixes

📔 Documentation

  • Fix Documentation For Containers with Zero Queues #​1542
  • Missing Javadocs for MessageProperties.expiration #​1540

🔨 Dependency Upgrades

  • Upgrade Spring, Micrometer, Reactor Versions #​1555

External Links

v2.4.8

Compare Source

Change log:

34d9da7 Upgrade Versions; Prepare for Release
11d4282 GH-1533: Template Receive with Consumer Args
0ff3eb9 Fix typo in amqp.adoc
64e9f13 GH-1382: Sonar Issues
ddc32a3 GH-1382: Republish Recoverer Improvements
06ba396 GH-1528: Fix Possible Type Pollution
8dea23b GH-1524: Fix ThreadChannelCF with Transactional
9242967 GH-1477: Reduce Log Noise While Broker Down
399eff9 GH-1517: Fix Javadoc, CheckStyle
76a4b87 GH-1517: Add Since Tag
b63cd5b GH-1517: Docs and Polishing for Composite Cust.
b3bab6b GH-1517: Add CompositeContainerCustomizer
3c957f9 Sonar Fix
93ad8dd GH-1419: Increase New Code Test Coverage
fc984e0 GH-1419: Fix Local Node Name in Tests
c2c534d GH-1419: Sonar Fixes
1713452 GH-1419: Fix Early Exit in NodeLocator
6e3e246 GH-1419: Remove RabbitMQ http-client Usage

v2.4.7

Compare Source

Change log:

5017e03 Upgrade Versions; Prepare for Release
2746ebe GH-1473: Revert CompletableFuture Changes
e8f12b2 GH-1449: Fix Auto Recovery Docs
08b7171 GH-1494: Fix Test Harness with @​Repeatable
a8470fd Improve Stream Template Test Coverage
88734c3 GH-1491: Fix Fallback When Parameter is Optional
caa5052 GH-1491: Fix Possible NPE
38e0803 GH-1487: Countdown not active AsyncMProcConsumer
3d3dfa5 GH-1491: Support Optional/null Payloads
67bfec9 GH-1480: Switch to CompletableFuture in s-r-stream
9e04fb1 Fix Javadoc in the AsyncRabbitTemplate2
038f8f6 GH-1473: Move RabbitFutures to Top Level Classes
819630c Fix Sonar Issue
fac71c4 GH-1473: Fix Unused Import
439ccd1 GH-1473: Switch to CompletableFuture
37109ad Fix Copyright in the BatchingRabbitTemplateTests
10274fe GH-1474: Fix MessageProperties.lastInBatch
765e011 GH-1474: Fix BatchingStrategy Propagation

v2.4.6

Compare Source

Change log:

709e03c Upgrade Versions; Prepare for Release
2086621 Fix Previous Commit
e16eef6 Fix Sonar Issues
3b93ef8 GH-1338: Fix Javadoc
f367bae GH-1338: Polishing
b5f85b0 GH-1338: Add MessageAckListener
5944301 GH-1463: RabbitTemplate.logReceived() Protected
7090132 GH-1459: Remove Unused Method
5bf6bc3 GH-1459: Fix Javadocs
10f39fb GH-1459: Improve MeterRegistry Discovery

v2.4.5

Compare Source

Change log:

d31a631 Upgrade Versions; Prepare for Release
662fb74 GH-1455: AdviceChain on Stream Listener Container
e498671 GH-1452: Close Connection in checkMissingQueues

v2.4.4

Compare Source

Change log:
fb38998 Upgrade versions; prepare for release
f87483a Issue 1450: avoid NullPointerException which occurs during shutdown o… (#​1451)
57bc30f More formatting typos
8bce39d Fix typo in amqp.adoc
55d1289 GH-1436: Async Stop Containers
d660edb Upgrade Jackson Version
7421de4 GH-1434: Mixed CFs With/Without Confirms/Returns
447fa92 GH-1443: Pull CCF.resetConnection() to CF
8843b1a GH-1441: Fix Payload Detection with MessageHeaders
519face GH-1439: Fix Memory Leak with Misconfiguration

v2.4.3

Compare Source

Change log:

a773a78 Upgrade versions; prepare for release
6df5edd GH-1433: Fix DMLC Monitor Thread Name
[b7f698a](https://redire

@mend-for-jackfan.us.kg mend-for-jackfan.us.kg bot added the security fix Security fix generated by Mend label Feb 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
security fix Security fix generated by Mend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants