Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump xxl-job-core from 2.3.0-SNAPSHOT to 2.3.1 in /java/thinkinshop-admin #21

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Feb 28, 2023

Bumps xxl-job-core from 2.3.0-SNAPSHOT to 2.3.1.

Release notes

Sourced from xxl-job-core's releases.

XXL-JOB v2.3.1,分布式任务调度平台

  • 1、【修复】修复风险漏洞,升级问题低版本项目依赖:CVE-2021-2471CVE-2022-22965等。
  • 2、【修复】修复故障告警逻辑,邮箱校验逻辑下放至EmailJobAlarm中,避免对其他告警方式的干扰。
  • 3、【优化】调度通讯默认启用accessToken,提升系统安全性(建议生产环境自定义accessToken)。
  • 4、【优化】合并多项PR,项目代码结构、健壮性优化:PR-2833、PR-2812、PR-2541、PR-2537、PR-2514、PR-2509、PR-2591。
  • 5、【优化】任务线程名优化,提升可读性与问题定位效率(ISSUE-2527)。

XXL-JOB v2.3.0,分布式任务调度平台

Release Notes

  • 1、【新增】调度过期策略:调度中心错过调度时间的补偿处理策略,包括:忽略、立即补偿触发一次等;
  • 2、【新增】触发策略:除了常规Cron、API、父子任务触发方式外,新增提供 "固定间隔触发、(固定延时触发,实验中)" 新触发方式;
  • 3、【新增】新增任务辅助工具 "XxlJobHelper":提供统一任务辅助能力,包括:任务上下文信息维护获取(任务参数、任务ID、分片参数)、日志输出、任务结果设置……等;
    • 3.1、"ShardingUtil" 组件废弃:改用 "XxlJobHelper.getShardIndex()/getShardTotal();" 获取分片参数;
    • 3.2、"XxlJobLogger" 组件废弃:改用 "XxlJobHelper.log" 进行日志输出;
  • 4、【优化】任务核心类 "IJobHandler" 的 "execute" 方法取消出入参设计。改为通过 "XxlJobHelper.getJobParam" 获取任务参数并替代方法入参,通过 "XxlJobHelper.handleSuccess/handleFail" 设置任务结果并替代方法出参,示例代码如下;
@XxlJob("demoJobHandler")
public void execute() {
  String param = XxlJobHelper.getJobParam();    // 获取参数
  XxlJobHelper.handleSuccess();                 // 设置任务结果
}
  • 5、【优化】Cron编辑器增强:Cron编辑器修改cron时可实时查看最近运行时间;
  • 6、【优化】执行器示例项目规范整理;
  • 7、【优化】任务调度生命周期重构:调度(schedule)、触发(trigger)、执行(handle)、回调(callback)、结束(complete);
  • 8、【优化】执行器注册组件优化:注册逻辑调整为异步方式,提高注册性能;
  • 9、【优化】执行器鉴权校验:执行器启动时主动校验accessToken,为空则主动Warn告警;(已规划安全强化:AccessToken动态生成、动态启停等)
  • 10、【优化】邮箱告警配置优化:将"spring.mail.from"与"spring.mail.username"属性拆分开,更加灵活的支持一些无密码邮箱服务;
  • 11、【优化】多个项目依赖升级至较新稳定版本,如netty、groovy、spring、springboot、mybatis等;
  • 12、【优化】UI组件常规升级,提升组件稳定性;
  • 13、【优化】调度中心页面交互优化:用户管理模块密码列取消;多处表达autocomplete取消;执行器管理模块XSS拦截校验等;
  • 14、【优化】调度中心任务状态探测慢SQL问题优化;
  • 15、【修复】GLUE-Java模式任务,init/destroy无法执行问题修复;
  • 16、【修复】Cron编辑器问题修复:修复小概率情况下cron单个字段修改时导致其他字段被重置问题;
  • 17、【修复】通用HTTP任务Handler(httpJobHandler)优化:修复 "setDoOutput(true)" 导致任务请求GetMethod失效问题;
  • 18、【修复】执行器Commandhandler示例任务优化,修复极端情况下脚本进程挂起问题;
  • 19、【修复】调度通讯组件优化,修复RestFul方式调用 DotNet 版本执行器时心跳检测失败问题;
  • 20、【修复】调度中心远程执行日志查询乱码问题修复;
  • 21、【修复】调度中心组件加载顺序优化,修复极端情况下调度组件初始慢导致的调度失败问题;
  • 22、【修复】执行器注册线程优化,修复极端情况下初始化失败时导致NPE问题;
  • 23、【修复】调度线程连接池优化,修复连接有效性校验超时问题;
  • 24、【修复】执行器注册表字段优化,解决执行器注册节点过多导致注册信息存储和更新失败的问题;
  • 25、【修复】轮训路由策略优化,修复小概率下并发问题;
  • 26、【修复】页面redirect跳转后https变为http问题修复;
  • 27、【修复】执行器日志清理优化,修复小概率下日志文件为空导致清理异常问题;
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [xxl-job-core](https://github.com/xuxueli/xxl-job) from 2.3.0-SNAPSHOT to 2.3.1.
- [Release notes](https://github.com/xuxueli/xxl-job/releases)
- [Commits](https://github.com/xuxueli/xxl-job/commits/2.3.1)

---
updated-dependencies:
- dependency-name: com.xuxueli:xxl-job-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Feb 28, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants