[PR] Bump com.google.errorprone:error_prone_annotations from 2.4.0 to 2.26.1 [tinkerpop]
dependabot[bot] opened a new pull request, #2520:
URL: https://github.com/apache/tinkerpop/pull/2520
Bumps
[com.google.errorprone:error_prone_annotations](https://github.com/google/error-prone)
from 2.4.0 to 2.26.1.
Release notes
Sourced from https://github.com/google/error-prone/releases;>com.google.errorprone:error_prone_annotations's
releases.
Error Prone 2.26.1
This release contains all of the changes in https://github.com/google/error-prone/releases/tag/v2.26.0;>2.26.0,
plus a bug fix to the module name of the annotations artifact
com.google.errorprone.annotations (https://github.com/google/error-prone/commit/9d99ee76f2ca8568b69150f5df7fe845c8545d16;>https://github.com/google/error-prone/commit/9d99ee76f2ca8568b69150f5df7fe845c8545d16)
Starting in 2.26.x, the 'annotations' artifact now includes
a module-info.java for Java Platform Module System support, thanks
to https://github.com/sgammon;>@sgammon in https://redirect.github.com/google/error-prone/issues/4311;>#4311.
Compatibility note:
Now that the annotations artifact explicit declares a module instead of
relying on Automatic-Module-Name, JDK 17 and newer perform
stricter module encapsulation checks. Modularized libraries depending on Error
Prone annotations 2.26.x and newer may see errors like:
error: package com.google.errorprone.annotations is not visible
import com.google.errorprone.annotations.CheckReturnValue;
^
(package com.google.errorprone.annotations is declared in module
com.google.errorprone.annotations, but module ... does not read it)
The fix is to add requires static to the module declaration
of modularized libraries that depend on Error Prone annotations:
module your.module {
...
+ requires static com.google.errorprone.annotations;
}
Full Changelog: https://github.com/google/error-prone/compare/v2.26.0...v2.26.1;>https://github.com/google/error-prone/compare/v2.26.0...v2.26.1
Error Prone 2.26.0
Warning: This release contains a bug, please use https://github.com/google/error-prone/releases/tag/v2.26.1;>2.26.1 or
newer instead.
Changes:
The 'annotations' artifact now includes a module-info.java
for Java Platform Module System support, thanks to https://github.com/sgammon;>@sgammon in https://redirect.github.com/google/error-prone/issues/4311;>#4311.
Disabled checks passed to -XepPatchChecks are now ignored,
instead of causing a crash. Thanks to https://github.com/oxkitsune;>@oxkitsune in https://redirect.github.com/google/error-prone/issues/4028;>#4028.
New checks:
https://errorprone.info/bugpattern/SystemConsoleNull;>SystemConsoleNull:
Null-checking System.console() is not a reliable way to detect if
the console is connected to a terminal.
https://errorprone.info/bugpattern/EnumOrdinal;>EnumOrdinal:
Discourage uses of Enum.ordinal()
Closed issues: https://redirect.github.com/google/error-prone/issues/2649;>#2649, https://redirect.github.com/google/error-prone/issues/3908;>#3908, https://redirect.github.com/google/error-prone/issues/4028;>#4028, https://redirect.github.com/google/error-prone/issues/4311;>#4311, https://redirect.github.com/google/error-prone/issues/4314;>#4314
Full Changelog: https://github.com/google/error-prone/compare/v2.25.0...v2.26.0;>https://github.com/google/error-prone/compare/v2.25.0...v2.26.0
Error Prone 2.25.0
New checks:
... (truncated)
Commits
https://github.com/google/error-prone/commit/b38057250a8a035d6b3856098145aeab1df1149f;>b380572
Release Error Prone 2.26.1
https://github.com/google/error-prone/commit/9d99ee76f2ca8568b69150f5df7fe845c8545d16;>9d99ee7
fix: module name → com.google.errorprone.annotations
https://github.com/google/error-prone/commit/ea5ef6dd29022683eced044a2b0b3fa91d8b3200;>ea5ef6d
Add the 'compile' goal for 'compile-java9'
https://github.com/google/error-prone/commit/0e9536471b6b8e7e03d29584eceb8a0e0f3240d7;>0e95364
feat: add jpms definition for annotations
https://github.com/google/error-prone/commit/9da2d5580e3939f97ef2e91278b330a56b5ed1fe;>9da2d55
Ignore disabled checks passed to -XepPatchChecks
https://github.com/google/error-prone/commit/3292632ee5f2776b57171bedef6bdb1c4c222345;>3292632
Increase year range on Date usages.
https://github.com/google/error-prone/commit/ad513d5a82dc803dcc5179ffcdf7073d43430623;>ad513d5
Recommend using var for var unused = ...; and `var
thrown = assertThrows(...
https://github.com/google/error-prone/commit/af37d35d208d37e9658038127d35afdd41325da4;>af37d35
ImpossibleNullComparison: emit empty fixes.
https://github.com/google/error-prone/commit/297019c6706c8c27a58717f0a4269abf92af8de4;>297019c
Fix some mistakes in the EnumOrdinal examples
https://github.com/google/error-prone/commit/f3dbb094f5105fa1f5a17c69d50a6663b414a6d5;>f3dbb09
Move the EnumOrdinal.md doc to the right place (it got overwritten by
(tinkerpop) branch dependabot/maven/3.6-dev/com.fasterxml.jackson.core-jackson-annotations-2.17.0 created (now 9ef7cf2043)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/maven/3.6-dev/com.fasterxml.jackson.core-jackson-annotations-2.17.0 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git at 9ef7cf2043 Bump com.fasterxml.jackson.core:jackson-annotations No new revisions were added by this update.
(tinkerpop) branch dependabot/maven/3.6-dev/com.google.errorprone-error_prone_annotations-2.26.1 created (now e45327fff9)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/maven/3.6-dev/com.google.errorprone-error_prone_annotations-2.26.1 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git at e45327fff9 Bump com.google.errorprone:error_prone_annotations from 2.4.0 to 2.26.1 No new revisions were added by this update.
Re: [PR] Bump com.google.errorprone:error_prone_annotations from 2.4.0 to 2.26.0 [tinkerpop]
dependabot[bot] closed pull request #2519: Bump com.google.errorprone:error_prone_annotations from 2.4.0 to 2.26.0 URL: https://github.com/apache/tinkerpop/pull/2519 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
(tinkerpop) branch dependabot/maven/3.6-dev/com.fasterxml.jackson.core-jackson-annotations-2.16.2 deleted (was 610bf9f0df)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/maven/3.6-dev/com.fasterxml.jackson.core-jackson-annotations-2.16.2 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git was 610bf9f0df Bump com.fasterxml.jackson.core:jackson-annotations The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
Re: [PR] Bump com.fasterxml.jackson.core:jackson-annotations from 2.12.7 to 2.16.2 [tinkerpop]
dependabot[bot] closed pull request #2516: Bump com.fasterxml.jackson.core:jackson-annotations from 2.12.7 to 2.16.2 URL: https://github.com/apache/tinkerpop/pull/2516 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump com.fasterxml.jackson.core:jackson-annotations from 2.12.7 to 2.17.0 [tinkerpop]
dependabot[bot] opened a new pull request, #2521: URL: https://github.com/apache/tinkerpop/pull/2521 Bumps [com.fasterxml.jackson.core:jackson-annotations](https://github.com/FasterXML/jackson) from 2.12.7 to 2.17.0. Commits See full diff in https://github.com/FasterXML/jackson/commits;>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump com.fasterxml.jackson.core:jackson-annotations from 2.12.7 to 2.16.2 [tinkerpop]
dependabot[bot] commented on PR #2516: URL: https://github.com/apache/tinkerpop/pull/2516#issuecomment-1994596998 Superseded by #2521. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
(tinkerpop) branch dependabot/maven/3.6-dev/com.google.errorprone-error_prone_annotations-2.26.0 deleted (was c4234e260a)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/maven/3.6-dev/com.google.errorprone-error_prone_annotations-2.26.0 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git was c4234e260a Bump com.google.errorprone:error_prone_annotations from 2.4.0 to 2.26.0 The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
Re: [PR] Bump com.google.errorprone:error_prone_annotations from 2.4.0 to 2.26.0 [tinkerpop]
dependabot[bot] commented on PR #2519: URL: https://github.com/apache/tinkerpop/pull/2519#issuecomment-1994596466 Superseded by #2520. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
(tinkerpop) branch TINKERPOP-3063 created (now e0e52b7300)
This is an automated email from the ASF dual-hosted git repository. florianhockmann pushed a change to branch TINKERPOP-3063 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git at e0e52b7300 TINKERPOP-3063 Fix authentication for concurrency This branch includes the following new commits: new e0e52b7300 TINKERPOP-3063 Fix authentication for concurrency The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
(tinkerpop) 01/01: TINKERPOP-3063 Fix authentication for concurrency
This is an automated email from the ASF dual-hosted git repository.
florianhockmann pushed a commit to branch TINKERPOP-3063
in repository https://gitbox.apache.org/repos/asf/tinkerpop.git
commit e0e52b7300443fd9ce51007750585170e68d82fe
Author: Florian Hockmann
AuthorDate: Wed Mar 13 15:16:02 2024 +0100
TINKERPOP-3063 Fix authentication for concurrency
Executing multiple queries in parallel could lead to authentication
failures if `MaxInProcessPerConnection` is set to a value higher than
`1` as the second request could then be sent to the server while the
server was still waiting for the authentication challenge response from
the driver for the first query.
This made it necessary to set `MaxInProcessPerConnection=1` as a
workaround for such scenarios which of course means that connection
pooling is less efficient.
Simply sending a validation request on each connection right after
establishing the connection and therefore before it can be used to
submit queries from the user should fix this issue.
The downside of this is of course that connection establishment takes
slightly longer. I think this is an acceptable trade-off even for
scenarios where authentication is not used since this also validates the
connection irrespective of authentication and also because this delay
only occurs once right at the start of an application.
---
CHANGELOG.asciidoc | 1 +
docs/src/upgrade/release-3.6.x.asciidoc| 16 +
.../src/Gremlin.Net/Driver/Connection.cs | 2 +-
.../src/Gremlin.Net/Driver/ConnectionPool.cs | 17 +
.../Driver/GremlinClientAuthenticationTests.cs | 73 +-
5 files changed, 79 insertions(+), 30 deletions(-)
diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc
index 27fde68afd..f1622b1bad 100644
--- a/CHANGELOG.asciidoc
+++ b/CHANGELOG.asciidoc
@@ -24,6 +24,7 @@
image::https://raw.githubusercontent.com/apache/tinkerpop/master/docs/static/ima
=== TinkerPop 3.6.7 (NOT OFFICIALLY RELEASED YET)
* Fixed a bug in Gremlin.Net for .NET 8 that led to exceptions:
`InvalidOperationException: Enumeration has not started. Call MoveNext.`
+* Fixed a bug in the Gremlin.Net driver that could lead to failed
authentication if multiple requests are executed in parallel.
* Fixed message requestId serialization in `gremlin-python`.
* Improved performance of `PathRetractionStrategy` for traversals that carry
many children, but don't hold many labels to propogate.
* Fixed bug in bytecode translation of `g.tx().commit()` and
`g.tx().rollback()` in all languages.
diff --git a/docs/src/upgrade/release-3.6.x.asciidoc
b/docs/src/upgrade/release-3.6.x.asciidoc
index da190bdc89..ac268528d1 100644
--- a/docs/src/upgrade/release-3.6.x.asciidoc
+++ b/docs/src/upgrade/release-3.6.x.asciidoc
@@ -43,6 +43,22 @@ Gremlin.Net driver expected.
See: link:https://issues.apache.org/jira/browse/TINKERPOP-3029[TINKERPOP-3029]
+ Gremlin.Net: Fixed a bug related to authentication for multiple requests
in parallel
+
+Executing multiple queries in parallel could lead to authentication failures
if `MaxInProcessPerConnection` is set to a
+value higher than `1` as the second request could then be sent to the server
while the server was still waiting for
+the authentication challenge response from the driver for the first query.
+
+This is now fixed by simply executing a validation request on each connection
right after establishing the connection.
+That validation request will already handle authentication if necessary so
user requests can afterwards directly be
+executed in parallel without needing to authenticate again.
+
+This is strictly speaking a breaking change since exceptions caused by
authentication failures (no/wrong credentials
+configured) now occur directly when the `GremlinClient` is instantiated.
+In previous versions, the exceptions would only occur when the first request
is executed.
+
+See: link:https://issues.apache.org/jira/browse/TINKERPOP-3063[TINKERPOP-3063]
+
=== Upgrading for Providers
diff --git a/gremlin-dotnet/src/Gremlin.Net/Driver/Connection.cs
b/gremlin-dotnet/src/Gremlin.Net/Driver/Connection.cs
index cabe587fcd..6e4da37b7c 100644
--- a/gremlin-dotnet/src/Gremlin.Net/Driver/Connection.cs
+++ b/gremlin-dotnet/src/Gremlin.Net/Driver/Connection.cs
@@ -140,7 +140,7 @@ namespace Gremlin.Net.Driver
}
catch (Exception e)
{
-if (receivedMsg!.RequestId != null)
+if (receivedMsg.RequestId != null)
{
if(_callbackByRequestId.TryRemove(receivedMsg.RequestId.Value, out var
responseHandler))
{
diff --git a/gremlin-dotnet/src/Gremlin.Net/Driver/ConnectionPool.cs
b/gremlin-dotnet/src/Gremlin.Net/Driver/ConnectionPool.cs
index e4f4a72ae2..82ecace0a7 100644
---
(tinkerpop) branch dependabot/nuget/gremlin-dotnet/3.6-dev/Microsoft.Extensions.Logging.Abstractions-8.0.1 updated (588e362838 -> 28a1e2e613)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/nuget/gremlin-dotnet/3.6-dev/Microsoft.Extensions.Logging.Abstractions-8.0.1 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git omit 588e362838 Bump Microsoft.Extensions.Logging.Abstractions in /gremlin-dotnet add f5d8225ca8 Bump System.Text.Json from 8.0.2 to 8.0.3 in /gremlin-dotnet add 28a1e2e613 Bump Microsoft.Extensions.Logging.Abstractions in /gremlin-dotnet This update added new revisions after undoing existing revisions. That is to say, some revisions that were in the old version of the branch are not in the new version. This situation occurs when a user --force pushes a change and generates a repository containing something like this: * -- * -- B -- O -- O -- O (588e362838) \ N -- N -- N refs/heads/dependabot/nuget/gremlin-dotnet/3.6-dev/Microsoft.Extensions.Logging.Abstractions-8.0.1 (28a1e2e613) You should already have received notification emails for all of the O revisions, and so the following emails describe only the N revisions from the common base, B. Any revisions marked "omit" are not gone; other references still refer to them. Any revisions marked "discard" are gone forever. No new revisions were added by this update. Summary of changes: gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
(tinkerpop) branch 3.7-dev updated (936dd8137a -> 8a71161877)
This is an automated email from the ASF dual-hosted git repository. florianhockmann pushed a change to branch 3.7-dev in repository https://gitbox.apache.org/repos/asf/tinkerpop.git from 936dd8137a Merge branch '3.6-dev' into 3.7-dev add f5d8225ca8 Bump System.Text.Json from 8.0.2 to 8.0.3 in /gremlin-dotnet add 8a71161877 Merge branch '3.6-dev' into 3.7-dev No new revisions were added by this update. Summary of changes: gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
(tinkerpop) branch master updated (cc43fbf57a -> bd5d4f77ad)
This is an automated email from the ASF dual-hosted git repository. florianhockmann pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tinkerpop.git from cc43fbf57a Merge branch '3.7-dev' add f5d8225ca8 Bump System.Text.Json from 8.0.2 to 8.0.3 in /gremlin-dotnet add 8a71161877 Merge branch '3.6-dev' into 3.7-dev new bd5d4f77ad Merge branch '3.7-dev' The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
(tinkerpop) 01/01: Merge branch '3.7-dev'
This is an automated email from the ASF dual-hosted git repository. florianhockmann pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tinkerpop.git commit bd5d4f77ad6632dbc14cc09b378bc594b01f23f1 Merge: cc43fbf57a 8a71161877 Author: Florian Hockmann AuthorDate: Wed Mar 13 10:58:10 2024 +0100 Merge branch '3.7-dev' gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
(tinkerpop) branch dependabot/nuget/gremlin-dotnet/3.6-dev/System.Text.Json-8.0.3 deleted (was f5d8225ca8)
This is an automated email from the ASF dual-hosted git repository. florianhockmann pushed a change to branch dependabot/nuget/gremlin-dotnet/3.6-dev/System.Text.Json-8.0.3 in repository https://gitbox.apache.org/repos/asf/tinkerpop.git was f5d8225ca8 Bump System.Text.Json from 8.0.2 to 8.0.3 in /gremlin-dotnet The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
(tinkerpop) branch 3.6-dev updated (aa90f77595 -> f5d8225ca8)
This is an automated email from the ASF dual-hosted git repository. florianhockmann pushed a change to branch 3.6-dev in repository https://gitbox.apache.org/repos/asf/tinkerpop.git from aa90f77595 Bump Polly from 8.3.0 to 8.3.1 in /gremlin-dotnet add f5d8225ca8 Bump System.Text.Json from 8.0.2 to 8.0.3 in /gremlin-dotnet No new revisions were added by this update. Summary of changes: gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Re: [PR] Bump System.Text.Json from 8.0.2 to 8.0.3 in /gremlin-dotnet [tinkerpop]
FlorianHockmann merged PR #2518: URL: https://github.com/apache/tinkerpop/pull/2518 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@tinkerpop.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
