Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump Akka from 1.4.33 to 1.4.46 in /src/NBench.Tests.Performance.WithDependencies #443

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

Bump Akka from 1.4.33 to 1.4.46 in /src/NBench.Tests.Performance.WithDependencies #443

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 22, 2022

Bumps Akka from 1.4.33 to 1.4.46.

Release notes

Sourced from Akka's releases.

Akka.NET v1.4.46

1.4.46 November 15th 2022

Akka.NET v1.4.46 is a security patch for Akka.NET v1.4.45 but also includes some other fixes.

Security Advisory: Akka.NET v1.4.45 and earlier depend on an old System.Configuration.ConfigurationManager version 4.7.0 which transitively depends on System.Common.Drawing v4.7.0. The System.Common.Drawing v4.7.0 is affected by a remote code execution vulnerability GHSA-ghhp-997w-qr28.

We have separately created a security advisory for Akka.NET Versions < 1.4.46 and < 1.5.0-alpha3 to track this issue.

Fixes and Updates

You can see the full set of tracked issues for Akka.NET v1.4.46 here.

Changes:

  • 44d380826fdf4adf53cd34339f33842fccccf87e added v1.4.46 release notes (#6255)
  • 2b85598bc3121abe6bbd50f8caac369a77e46f9f Upgrade to Newtonsoft.Json 13.0.1 as minimum version (#6230) (#6252)
  • d6ba97a9108c60a0eb96316abedaab8528310e52 (cherry-picked from 94756d644d7bb1ae6e3b591222176d7a189205da) (#6253)
  • e94913cabd222f478dc2d4849667f82f2c8ae781 Make transport adapter messages public (#6250)
  • eeb156c649b2f6e55a0016c2e19ba1c2616fe308 [BACKPORT #6221] Report cause for Akka/IO TCP CommandFailed events (#6224) [ #22954 ]
  • dca908baf06d91f4c424af9c116a0d5f07b30054 Improve Akka.Cluster.Metrics collected values (#6203)
  • 61df6fca040f3df61e4229cf4513397594dae20e Separate wire protocol from internal models (#6206)
  • 9f84438ca4a04efb34b8f5a20ff1dc8c020a256b Make sure that DeadLetters published by DistributedPubSubMediator contain full context of topic (#6209)

This list of changes was auto generated.

Akka.NET v1.4.45

1.4.45 October 19th 2022

Akka.NET v1.4.45 is a patch release for Akka.NET v1.4 for a bug introduced in v1.4.44.

Patch

Changes:

  • 5f496e8e29b0f3bd2bbd2c8c7ce67fca8aa103cd Update RELEASE_NOTES.md for 1.4.45 release (#6202)
  • 90dde2581c8ae903b5cff7c585dcc6a8725ef2aa Revert ConfigurationException due to binary incompatibility (#6201)

This list of changes was auto generated.

Akka.NET v1.4.44

1.4.44 October 17th 2022

Akka.NET v1.4.44 is a maintenance release for Akka.NET v1.4 that contains numerous performance improvements in critical areas, including core actor message processing and Akka.Remote.

Performance Fixes

... (truncated)

Changelog

Sourced from Akka's changelog.

1.5.0-alpha3 November 15th 2022

Akka.NET v1.5.0-alpha3 is a security patch for Akka.NET v1.5.0-alpha2 but also includes some other fixes.

Security Advisory: Akka.NET v1.5.0-alpha2 and earlier depend on an old System.Configuration.ConfigurationManager version 4.7.0 which transitively depends on System.Common.Drawing v4.7.0. The System.Common.Drawing v4.7.0 is affected by a remote code execution vulnerability GHSA-ghhp-997w-qr28.

We have separately created a security advisory for Akka.NET Versions < 1.4.46 and < 1.5.0-alpha3 to track this issue.

Fixes and Updates

You can see the full set of tracked issues for Akka.NET v1.5.0 here.

1.5.0-alpha2 October 17th 2022

Akka.NET v1.5.0-alpha2 is a maintenance release for Akka.NET v1.5 that contains numerous performance improvements in critical areas, including core actor message processing and Akka.Remote.

Performance Fixes

In sum you should expect to see total memory consumption, garbage collection, and throughput improve when you upgrade to Akka.NET v1.5.0-alpha2.

Other Features and Improvements

1.5.0-alpha1 August 22 2022

Akka.NET v1.5.0-alpha1 is a major release that contains a lot of code improvement and rewrites/refactors. Major upgrades to Akka.Cluster.Sharding in particular.

Deprecation

Some codes and packages are being deprecated in v1.5

... (truncated)

Commits
  • 44d3808 added v1.4.46 release notes (#6255)
  • 2b85598 Upgrade to Newtonsoft.Json 13.0.1 as minimum version (#6230) (#6252)
  • d6ba97a (cherry-picked from 94756d644d7bb1ae6e3b591222176d7a189205da) (#6253)
  • e94913c Make transport adapter messages public (#6250)
  • eeb156c [BACKPORT #6221] Report cause for Akka/IO TCP CommandFailed events (#6224)
  • dca908b Improve Akka.Cluster.Metrics collected values (#6203)
  • 61df6fc Separate wire protocol from internal models (#6206)
  • 9f84438 Make sure that DeadLetters published by DistributedPubSubMediator contain...
  • 5f496e8 Update RELEASE_NOTES.md for 1.4.45 release (#6202)
  • 90dde25 Revert ConfigurationException due to binary incompatibility (#6201)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump Akka in /src/NBench.Tests.Performance.WithDependencies
8ee84c3 
Bumps [Akka](https://github.com/akkadotnet/akka.net) from 1.4.33 to 1.4.46.
- [Release notes](https://github.com/akkadotnet/akka.net/releases)
- [Changelog](https://github.com/akkadotnet/akka.net/blob/dev/RELEASE_NOTES.md)
- [Commits](akkadotnet/akka.net@1.4.33...1.4.46)

---
updated-dependencies:
- dependency-name: Akka
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 22, 2022
@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@CLAassistant