Skip to content

Commit

Permalink
Merge branch 'main' into cluster_state_split
Browse files Browse the repository at this point in the history
  • Loading branch information
shiv0408 committed May 15, 2024
2 parents 2fe0dd6 + a03db0d commit 556278f
Show file tree
Hide file tree
Showing 102 changed files with 4,691 additions and 952 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,17 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),

## [Unreleased 2.x]
### Added
- Add support for Azure Managed Identity in repository-azure ([#12423](https://github.com/opensearch-project/OpenSearch/issues/12423))
- Add useCompoundFile index setting ([#13478](https://github.com/opensearch-project/OpenSearch/pull/13478))
- Make outbound side of transport protocol dependent ([#13293](https://github.com/opensearch-project/OpenSearch/pull/13293))

### Dependencies
- Bump `com.github.spullara.mustache.java:compiler` from 0.9.10 to 0.9.13 ([#13329](https://github.com/opensearch-project/OpenSearch/pull/13329), [#13559](https://github.com/opensearch-project/OpenSearch/pull/13559))
- Bump `org.gradle.test-retry` from 1.5.8 to 1.5.9 ([#13442](https://github.com/opensearch-project/OpenSearch/pull/13442))
- Bump `org.apache.commons:commons-text` from 1.11.0 to 1.12.0 ([#13557](https://github.com/opensearch-project/OpenSearch/pull/13557))
- Bump `org.hdrhistogram:HdrHistogram` from 2.1.12 to 2.2.1 ([#13556](https://github.com/opensearch-project/OpenSearch/pull/13556))
- Bump `com.gradle.enterprise` from 3.17.2 to 3.17.3 ([#13641](https://github.com/opensearch-project/OpenSearch/pull/13641))
- Bump `org.apache.hadoop:hadoop-minicluster` from 3.3.6 to 3.4.0 ([#13642](https://github.com/opensearch-project/OpenSearch/pull/13642))

### Changed
- Add ability for Boolean and date field queries to run when only doc_values are enabled ([#11650](https://github.com/opensearch-project/OpenSearch/pull/11650))
Expand All @@ -25,6 +29,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
### Fixed
- Fix negative RequestStats metric issue ([#13553](https://github.com/opensearch-project/OpenSearch/pull/13553))
- Fix get field mapping API returns 404 error in mixed cluster with multiple versions ([#13624](https://github.com/opensearch-project/OpenSearch/pull/13624))
- Allow clearing `remote_store.compatibility_mode` setting ([#13646](https://github.com/opensearch-project/OpenSearch/pull/13646))

### Security

Expand Down
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@
This project has adopted the [Amazon Open Source Code of Conduct](CODE_OF_CONDUCT.md). For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq), or contact [[email protected]](mailto:[email protected]) with any additional questions or comments.

## Security
If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to aws-security@amazon.com. Please do **not** create a public GitHub issue.
If you discover a potential security issue in this project we ask that you notify OpenSearch Security directly via email to security@opensearch.org. Please do **not** create a public GitHub issue.

## License

Expand Down
2 changes: 1 addition & 1 deletion SECURITY.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
## Reporting a Vulnerability

If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to aws-security@amazon.com. Please do **not** create a public GitHub issue.
If you discover a potential security issue in this project we ask that you notify OpenSearch Security directly via email to security@opensearch.org. Please do **not** create a public GitHub issue.
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,7 @@ public class LicenseAnalyzer {
+ "AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n"
+ "LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n"
+ "OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n"
+ "SOFTWARE\\.\n").replaceAll("\\s+", "\\\\s*"),
+ "SOFTWARE\\.?\n").replaceAll("\\s+", "\\\\s*"),
Pattern.DOTALL
)
),
Expand Down
86 changes: 85 additions & 1 deletion plugins/repository-azure/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,21 @@ dependencies {
api "io.netty:netty-transport-native-unix-common:${versions.netty}"
implementation project(':modules:transport-netty4')
api 'com.azure:azure-storage-blob:12.23.0'
api 'com.azure:azure-identity:1.11.4'
// Start of transitive dependencies for azure-identity
api 'com.microsoft.azure:msal4j-persistence-extension:1.2.0'
api "net.java.dev.jna:jna-platform:${versions.jna}"
api 'com.microsoft.azure:msal4j:1.14.3'
api 'com.nimbusds:oauth2-oidc-sdk:11.9.1'
api 'com.nimbusds:nimbus-jose-jwt:9.37.3'
api 'com.nimbusds:content-type:2.3'
api 'com.nimbusds:lang-tag:1.7'
// Both msal4j:1.14.3 and oauth2-oidc-sdk:11.9.1 has compile dependency on different versions of json-smart,
// selected the higher version which is 2.5.0
api 'net.minidev:json-smart:2.5.0'
api 'net.minidev:accessors-smart:2.5.0'
api "org.ow2.asm:asm:${versions.asm}"
// End of transitive dependencies for azure-identity
api "io.projectreactor.netty:reactor-netty-core:${versions.reactor_netty}"
api "io.projectreactor.netty:reactor-netty-http:${versions.reactor_netty}"
api "org.slf4j:slf4j-api:${versions.slf4j}"
Expand Down Expand Up @@ -180,7 +195,76 @@ thirdPartyAudit {
'io.micrometer.observation.ObservationHandler',
'io.micrometer.observation.ObservationRegistry',
'io.micrometer.observation.ObservationRegistry$ObservationConfig',
'io.micrometer.tracing.handler.DefaultTracingObservationHandler'
'io.micrometer.tracing.handler.DefaultTracingObservationHandler',
// Start of the list of classes from the optional compile/provided dependencies used in "com.nimbusds:oauth2-oidc-sdk".
'com.google.crypto.tink.subtle.Ed25519Sign',
'com.google.crypto.tink.subtle.Ed25519Sign$KeyPair',
'com.google.crypto.tink.subtle.Ed25519Verify',
'com.google.crypto.tink.subtle.X25519',
'com.google.crypto.tink.subtle.XChaCha20Poly1305',
'jakarta.servlet.ServletRequest',
'jakarta.servlet.http.HttpServletRequest',
'jakarta.servlet.http.HttpServletResponse',
'javax.servlet.ServletRequest',
'javax.servlet.http.HttpServletRequest',
'javax.servlet.http.HttpServletResponse',
// net.shibboleth.utilities:java-support.* is declared as optional in the plugin `bnd-maven-plugin` used in "com.nimbusds:oauth2-oidc-sdk"
// Worth nothing that, the latest dependency "net.shibboleth.utilities:java-support:8.0.0" has many vulnerabilities.
// Hence ignored.
'net.shibboleth.utilities.java.support.xml.SerializeSupport',
'org.bouncycastle.asn1.pkcs.PrivateKeyInfo',
'org.bouncycastle.asn1.x509.AlgorithmIdentifier',
'org.bouncycastle.asn1.x509.SubjectPublicKeyInfo',
'org.bouncycastle.cert.X509CertificateHolder',
'org.bouncycastle.cert.jcajce.JcaX509CertificateHolder',
'org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder',
'org.bouncycastle.crypto.InvalidCipherTextException',
'org.bouncycastle.crypto.engines.AESEngine',
'org.bouncycastle.crypto.modes.GCMBlockCipher',
'org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider',
'org.bouncycastle.jce.provider.BouncyCastleProvider',
'org.bouncycastle.openssl.PEMKeyPair',
'org.bouncycastle.openssl.PEMParser',
'org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter',
'org.bouncycastle.operator.jcajce.JcaContentSignerBuilder',
'org.cryptomator.siv.SivMode',
'org.opensaml.core.config.InitializationException',
'org.opensaml.core.config.InitializationService',
'org.opensaml.core.xml.XMLObject',
'org.opensaml.core.xml.XMLObjectBuilder',
'org.opensaml.core.xml.XMLObjectBuilderFactory',
'org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport',
'org.opensaml.core.xml.io.Marshaller',
'org.opensaml.core.xml.io.MarshallerFactory',
'org.opensaml.core.xml.io.MarshallingException',
'org.opensaml.core.xml.io.Unmarshaller',
'org.opensaml.core.xml.io.UnmarshallerFactory',
'org.opensaml.core.xml.schema.XSString',
'org.opensaml.core.xml.schema.impl.XSStringBuilder',
'org.opensaml.saml.saml2.core.Assertion',
'org.opensaml.saml.saml2.core.Attribute',
'org.opensaml.saml.saml2.core.AttributeStatement',
'org.opensaml.saml.saml2.core.AttributeValue',
'org.opensaml.saml.saml2.core.Audience',
'org.opensaml.saml.saml2.core.AudienceRestriction',
'org.opensaml.saml.saml2.core.AuthnContext',
'org.opensaml.saml.saml2.core.AuthnContextClassRef',
'org.opensaml.saml.saml2.core.AuthnStatement',
'org.opensaml.saml.saml2.core.Conditions',
'org.opensaml.saml.saml2.core.Issuer',
'org.opensaml.saml.saml2.core.NameID',
'org.opensaml.saml.saml2.core.Subject',
'org.opensaml.saml.saml2.core.SubjectConfirmation',
'org.opensaml.saml.saml2.core.SubjectConfirmationData',
'org.opensaml.saml.security.impl.SAMLSignatureProfileValidator',
'org.opensaml.security.credential.BasicCredential',
'org.opensaml.security.credential.Credential',
'org.opensaml.security.credential.UsageType',
'org.opensaml.xmlsec.signature.Signature',
'org.opensaml.xmlsec.signature.support.SignatureException',
'org.opensaml.xmlsec.signature.support.SignatureValidator',
'org.opensaml.xmlsec.signature.support.Signer',
// End of the list of classes from the optional compile/provided dependencies used in "com.nimbusds:oauth2-oidc-sdk".
)

ignoreViolations(
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
aca011492dfe9c26f4e0659028a4fe0970829dd8
Loading

0 comments on commit 556278f

Please sign in to comment.