Skip to content

build(deps): bump sphinx-scylladb-theme from 1.9.1 to 1.9.2 in /docs#869

Closed
dependabot[bot] wants to merge 33 commits into
scylla-4.xfrom
dependabot/pip/docs/sphinx-scylladb-theme-1.9.2
Closed

build(deps): bump sphinx-scylladb-theme from 1.9.1 to 1.9.2 in /docs#869
dependabot[bot] wants to merge 33 commits into
scylla-4.xfrom
dependabot/pip/docs/sphinx-scylladb-theme-1.9.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 14, 2026

Copy link
Copy Markdown

Bumps sphinx-scylladb-theme from 1.9.1 to 1.9.2.

Release notes

Sourced from sphinx-scylladb-theme's releases.

1.9.2

Changelog:

https://github.com/scylladb/sphinx-scylladb-theme/blob/master/docs/source/upgrade/CHANGELOG.md#192---14-april-2026

Commits
  • 64fd363 chore: release 1.9.2 (#1614)
  • bfe67e2 Build(deps-dev): bump flatted from 3.3.3 to 3.4.2 (#1602)
  • ad2249c Build(deps): bump picomatch (#1603)
  • 6fbca0f Build(deps): bump actions/deploy-pages from 4 to 5 (#1604)
  • 65c30df Build(deps): bump requests from 2.32.5 to 2.33.0 (#1605)
  • 13e655d Build(deps): bump pygments from 2.19.2 to 2.20.0 (#1606)
  • 0ef0313 Build(deps-dev): bump lodash from 4.17.21 to 4.18.1 (#1608)
  • a3e1cd9 Build(deps-dev): bump pytest from 9.0.2 to 9.0.3 (#1609)
  • 7a50cc4 Build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#1611)
  • 6744e9e Build(deps-dev): bump sphinx-multiversion-scylla from 0.3.7 to 0.3.8 (#1613)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [sphinx-scylladb-theme](https://github.com/scylladb/sphinx-scylladb-theme) from 1.9.1 to 1.9.2.
- [Release notes](https://github.com/scylladb/sphinx-scylladb-theme/releases)
- [Commits](scylladb/sphinx-scylladb-theme@1.9.1...1.9.2)

---
updated-dependencies:
- dependency-name: sphinx-scylladb-theme
  dependency-version: 1.9.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 14, 2026
nikagra and others added 8 commits April 18, 2026 13:15
Replace all third-party action version tags (e.g. @v5) with immutable
commit SHAs to reduce supply chain attack surface. Version tags are
mutable and can be redirected to malicious code; SHAs are permanent.

The pinned versions are:
  actions/checkout            v5.0.1  93cb6efe18208431cddfb8368fd83d5badbf9bfd
  actions/setup-java          v5.2.0  be666c2fcd27ec809703dec50e508c2fdc7f6654
  actions/setup-python        v6.2.0  a309ff8b426b58ec0e2a45f0f869d46889d02405
  actions/cache (restore/save)v4.3.0  0057852bfaa89a56745cba8c7296529d2fc39830
  actions/upload-artifact     v4.6.2  ea165f8d65b6e75b540449e92b4886f43607fa02
  astral-sh/setup-uv          v6.8.0  d0cc045d04ccac9d8b7881df0226f9e82c39688e
  mikepenz/action-junit-report v5.6.2 3585e9575db828022551b4231f165eb59a0e74e3
  scylladb/github-automation  main    7b9848eb304fd3af1e757fe3c3c1ed497515f0fc

Also adds a section to CONTRIBUTING.md explaining how to safely update
pinned actions in the future (find SHA for tag, verify no impostor
commit, update workflow files and repo settings allowlist).

Closes: DRIVER-582
…on tests

ScyllaDB PR scylladb/scylladb#25342 changed ks_prop_defs::as_ks_metadata()
so that tablets are now enabled by default for all replication strategies.
SimpleStrategy does not support tablets and throws:
  InvalidConfigurationInQueryException: SimpleStrategy doesn't support tablet replication

Replace all SimpleStrategy keyspace creation in integration tests with
NetworkTopologyStrategy (datacenter1), which supports tablets.

Files changed:
- SessionUtils.createKeyspace(): central keyspace creator used by SessionRule
  (fixes the majority of test failures via cascade)
- SchemaChangesIT: 3 CREATE + 1 ALTER CQL strings + updated assertion
  (NTS replication map has class + datacenter1 instead of class + replication_factor)
- TokenITBase: 2 CREATE KEYSPACE (RF=1 and RF=2)
- SimpleStatementCcmIT: 1 CREATE KEYSPACE
- LWTLoadBalancingIT: 1 CREATE KEYSPACE (RF=3)
- DefaultKeyspaceIT: 1 CREATE KEYSPACE (mapper test)
- QueryKeyspaceAndTableIT: 1 CREATE KEYSPACE (mapper test)
- MailboxServiceImpl: 1 CREATE KEYSPACE (osgi test)
…tics (DRIVER-540)

Add NodeDiagnostics public inner class to DriverTimeoutException with fields
for in-flight counts and pool capacity, and generate a diagnostic suffix in
the exception message at timeout time. Refactor all four request-handler
timeout paths (CqlRequestHandler, CqlPrepareHandler, GraphRequestHandler,
ContinuousRequestHandlerBase) to build List<NodeDiagnostics> instead of a
raw message string. Update IT assertions that matched exact message strings
to use hasMessageStartingWith() to accommodate the new suffix.
Driver did not consider SERIAL SELECT as LWT and therefore routed them
as regular queries causing LWT congestion.
Fix is to consider consistency when RequestRoutingMethod is calculated.
… pool size (DRIVER-540)

Add four additional fields to DriverTimeoutException.NodeDiagnostics captured at
timeout time:

- nodeState: UP/DOWN/FORCED_DOWN/UNKNOWN — immediately explains timeouts to downed nodes
- nodeDistance: LOCAL/REMOTE/IGNORED — contextualizes latency expectations
- datacenter: node DC — helps diagnose cross-DC routing issues
- poolSize: active connection count — reveals degraded pools (fewer connections than expected)

All four are available from Node and ChannelPool already in scope at each
buildNodeDiagnostics() call site. No new infrastructure required.

Updated toString() example:
  /10.0.0.1:9042 [state: UP, distance: LOCAL, dc: dc1, channel in-flight: 5,
   pool size: 3, pool in-flight: 12, pool available ids: 988, pool orphaned ids: 2]
@annastuchlik

Copy link
Copy Markdown

@dkropachev Please merge.

nikagra and others added 13 commits May 18, 2026 23:04
When the cached CompletableFuture is already done, return it directly
instead of creating a defensive copy via thenApply(x -> x). Completed
futures are immutable (cancel/complete are no-ops), so the copy only
served to release the caller's strong reference to the cached value,
causing premature weak-value eviction under GC pressure.

This led to repeated PREPARE requests being sent to all nodes on every
execution, as the cache entry would be garbage-collected between calls.
With prepare-on-all-nodes=true (default), each eviction multiplied the
re-prepare cost by the cluster node count.

The defensive copy is still used for in-flight futures to protect the
shared cache entry from cancellation by concurrent waiters.

Ref: CUSTOMER-372
Lz4FrameDecoder in netty-codec prior to 4.1.133.Final allocates up to
32 MB per block before decompression runs. A peer can trigger this with
a 21-byte crafted LZ4 header, causing memory exhaustion (DoS).

Bump netty.version from 4.1.127.Final to 4.1.133.Final so all consumers
of java-driver-core inherit the fix transitively, without needing local
dependencyManagement overrides.

Ref: scylladb/kafka-connect-scylladb#164
CVE: CVE-2026-42583
CVSS: 7.5 (HIGH)
…o 4.19.2.0 (#895)

* CASSANDRA-19635: Run integration tests with C* 5.x

patch by Lukasz Antoniak; reviewed by Andy Tolbert, and Bret McGuire for CASSANDRA-19635

* CASSANDRA-19635: Configure Jenkins to run integration tests with C* 5.x

patch by Lukasz Antoniak; reviewed by Bret McGuire for CASSANDRA-19635

* update badge URL to org.apache.cassandra/java-driver-core

* Limit calls to Conversions.resolveExecutionProfile

Those repeated calls account for a non-negligible portion of my application
CPU (0.6%) and can definitly be a final field so that it gets resolved only
once per CqlRequestHandler.

patch by Benoit Tellier; reviewed by Andy Tolbert, and Bret McGuire
reference: apache#1623

* autolink JIRA tickets in commit messages

patch by Stefan Miklosovic; reviewed by Michael Semb Wever for CASSANDRA-19854

* Don't return empty routing key when partition key is unbound

DefaultBoundStatement#getRoutingKey has logic to infer the
routing key when no one has explicitly called setRoutingKey
or otherwise set the routing key on the statement.
It however doesn't check for cases where nothing has been
bound yet on the statement.
This causes more problems if the user decides to get a
BoundStatementBuilder from the PreparedStatement, set some
fields on it, and then copy it by constructing new
BoundStatementBuilder objects with the BoundStatement as a
parameter, since the empty ByteBuffer gets copied to all
bound statements, resulting in all requests being targeted
to the same Cassandra node in a token-aware load balancing
policy.

patch by Ammar Khaku; reviewed by Andy Tolbert, and Bret McGuire
reference: apache#1620

* JAVA-3167: CompletableFutures.allSuccessful() may return never completed future

patch by Lukasz Antoniak; reviewed by Andy Tolbert, and Bret McGuire for JAVA-3167

* ninja-fix Various test fixes

* Run integration tests with DSE 6.9.0

patch by Lukasz Antoniak; reviewed by Bret McGuire
reference: apache#1955

* JAVA-3117: Call CcmCustomRule#after if CcmCustomRule#before fails to allow subsequent tests to run

patch by Henry Hughes; reviewed by Alexandre Dutra and Andy Tolbert for JAVA-3117

* JAVA-3149: Support request cancellation in request throttler
patch by Lukasz Antoniak; reviewed by Andy Tolbert and Chris Lohfink for JAVA-3149

* Fix C* 3.0 tests failing on Jenkins
patch by Lukasz Antoniak; reviewed by Bret McGuire
reference: apache#1939

* Reduce lock held duration in ConcurrencyLimitingRequestThrottler

It might take some (small) time for callback handling when the
throttler request proceeds to submission.

Before this change, the throttler proceed request will happen while
holding the lock, preventing other tasks from proceeding when there is
spare capacity and even preventing tasks from enqueuing until the
callback completes.

By tracking the expected outcome, we can perform the callback outside
of the lock. This means that request registration and submission can
proceed even when a long callback is being processed.

patch by Jason Koch; Reviewed by Andy Tolbert and Chris Lohfink for CASSANDRA-19922

* Annotate BatchStatement, Statement, SimpleStatement methods with CheckReturnValue

Since the driver's default implementation is for
BatchStatement and SimpleStatement methods to be immutable,
we should annotate those methods with @CheckReturnValue.
Statement#setNowInSeconds implementations are immutable so
annotate that too.

patch by Ammar Khaku; reviewed by Andy Tolbert and Bret McGuire
reference: apache#1607

* Remove "beta" support for Java17 from docs

patch by Bret McGuire; reviewed by Andy Tolbert and Alexandre Dutra
reference: apache#1962

* Fix uncaught exception during graceful channel shutdown

after exceeding max orphan ids

patch by Christian Aistleitner; reviewed by Andy Tolbert, and Bret McGuire for apache#1938

* Build a public CI for Apache Cassandra Java Driver

 patch by Siyao (Jane) He; reviewed by Mick Semb Wever for CASSANDRA-19832

* CASSANDRA-19932: Allow to define extensions while creating table
patch by Lukasz Antoniak; reviewed by Bret McGuire and Chris Lohfink

* Fix DefaultSslEngineFactory missing null check on close

patch by Abe Ratnofsky; reviewed by Andy Tolbert and Chris Lohfink for CASSANDRA-20001

* Query builder support for NOT CQL syntax

patch by Bret McGuire; reviewed by Bret McGuire and Andy Tolbert for CASSANDRA-19930

* Fix CustomCcmRule to drop `CURRENT` flag no matter what

If super.after() throws an Exception `CURRENT` flag is never dropped
which leads next tests to fail with IllegalStateException("Attempting to use a Ccm rule while another is in use.  This is disallowed")

Patch by Dmitry Kropachev; reviewed by Andy Tolbert and Bret McGuire for JAVA-3117

* JAVA-3051: Memory leak

patch by Jane He; reviewed by Alexandre Dutra and Bret McGuire for JAVA-3051

* Automate latest Cassandra versions when running CI

 patch by Siyao (Jane) He; reviewed by Mick Semb Wever for CASSJAVA-25

* Refactor integration tests to support multiple C* distributions. Test with DataStax HCD 1.0.0

patch by Lukasz Antoniak; reviewed by Bret McGuire
reference: apache#1958

* Fix TableMetadata.describe() when containing a vector column

patch by Stefan Miklosovic; reviewed by Bret McGuire for CASSJAVA-2

* Move Apache Cassandra 5.x off of beta1 and remove some older Apache Cassandra versions.

patch by Bret McGuire; reviewed by Bret McGuire for CASSJAVA-54

* Update link to Jira to be CASSJAVA

Updating the link to Jira.

Previously we had a component in the CASSANDRA Jira project but now we have a project for each driver - in the case of Java, it's CASSJAVA.

Added CASSJAVA to .asf.yaml

patch by Jeremy Hanna; reviewed by Bret McGuire for CASSJAVA-61

* Move DataStax shaded Guava module into Java driver

patch by Lukasz Antoniak; reviewed by Alexandre Dutra and Bret McGuire for CASSJAVA-52

* JAVA-3057 Allow decoding a UDT that has more fields than expected

patch by Ammar Khaku; reviewed by Andy Tolbert and Bret McGuire
reference: apache#1635

* CASSJAVA-55 Remove setting "Host" header for metadata requests.

With some sysprops enabled this will actually be respected which completely borks Astra routing.

patch by Bret McGuire; reviewed by Alexandre Dutra and Bret McGuire for CASSJAVA-55

* JAVA-3118: Add support for vector data type in Schema Builder, QueryBuilder
patch by Jane He; reviewed by Mick Semb Wever and Bret McGuire for JAVA-3118
reference: apache#1931

* Upgrade Guava to 33.3.1-jre

patch by Lukasz Antoniak; reviewed by Alexandre Dutra and Bret McGuire for CASSJAVA-53

* Do not always cleanup Guava shaded module before packaging

* Revert "Do not always cleanup Guava shaded module before packaging"

This reverts commit 5be52ec.

* Conditionally compile shaded Guava module

* JAVA-3143: Extend driver vector support to arbitrary subtypes and fix handling of variable length types (OSS C* 5.0)

patch by Jane He; reviewed by Bret McGuire and João Reis
reference: apache#1952

* JAVA-3168 Copy node info for contact points on initial node refresh only from first match by endpoint

patch by Alex Sasnouskikh; reviewed by Andy Tolbert and Alexandre Dura for JAVA-3168

* JAVA-3055: Prevent PreparedStatement cache to be polluted if a request is cancelled.

There was a critical issue when the external code cancels a request, indeed the cached CompletableFuture will then always throw a CancellationException.
This may happens, for example, when used by reactive like Mono.zip or Mono.firstWithValue.

patch by Luc Boutier; reviewed by Alexandre Dutra and Bret McGuire
reference: apache#1757

* Expose a decorator for CqlPrepareAsyncProcessor cache rather than the ability to specify an
arbitrary cache from scratch.

Also bringing tests from apache#2003 forward
with a few minor changes due to this implementation

patch by Bret McGuire; reviewed by Bret McGuire and Andy Tolbert
reference: apache#2008

* ninja-fix Using shaded Guava classes for import in order to make OSGi class paths happy.

Major hat tip to Dmitry Konstantinov for the find here!

* Changelog updates for 4.19.0

* [maven-release-plugin] prepare release 4.19.0

* [maven-release-plugin] prepare for next development iteration

* CASSJAVA-80: Support configuration to disable DNS reverse-lookups for SAN validation

patch by Abe Ratnofsky; reviewed by Alexandre Dutra, Andy Tolbert, and Francisco Guerrero for CASSJAVA-80

* ninja-fix Minor fix to CASSJAVA-80 change.  Adding new entries to DefaultDriverOption anywhere other than
at the end messes with the ordinal guarantees for exisitng apps.  We have a check for such a
thing in the build; moving this around avoids that concern.

* CASSJAVA-90 Update native-protocol version

patch by Bret McGuire; reviewed by Abe Ratnofsky and Bret McGuire for CASSJAVA-90

* CASSJAVA-40: Driver testing against Java 21
patch by Jane He; reviewed by Bret McGuire for CASSJAVA-40

* Add support for Java21 builds to test runs (plus a few other small cleanups)

patch by Bret McGuire; reviewed by Joao Reis for CASSJAVA-40

* Upgrade Netty to 4.1.119

patch by Abe Ratnofsky; reviewed by Bret McGuire for CASSJAVA-77

* ninja-fix Update revapi to key off of the artifact ID (and group ID)

* Prevent long overflow in SNI address resolution

patch by Lukasz Antoniak and Alexandre Dutra; reviewed by Bret McGuire

* ninja-fix Revert docker image name (CASSJAVA-40)

* Make guava an optional dependency of java-driver-guava-shaded

With CASSJAVA-52, the java-driver-guava-shaded is now in tree.

This appears to work great, but there is a slight issue with the
dependency tree that allows unshaded guava packages to be imported
within the project.

It looks like marking guava as an optional dependency in
java-driver-guava-shaded resolves this.

patch by Andy Tolbert; reviewed by Alexandre Dutra and Dmitry Konstantinov for CASSJAVA-76

* Bump Jackson version to la(te)st 2.13, 2.13.5

patch by Tatu Saloranta; reviewed by Bret McGuire
reference: apache#1989

* CASSJAVA-68 Improve DefaultCodecRegisry.CacheKey#hashCode() to eliminate Object[] allocation (found via profiler)

patch by Tatu Saloranta; reviewed by Dmitry Konstantinov and Bret McGuire for CASSJAVA-68

* ninja-fix Format fix for previous commit

* Add SubnetAddressTranslator to translate Cassandra node IPs from private network based on its subnet mask

patch by Alex Sasnouskikh; reviewed by Bret McGuire and Andy Tolbert
reference: apache#2013

* Fix revapi surious complaints about optional dependencies

patch by Abe Ratnofsky; reviewed by Bret McGuire for CASSJAVA-102

* ninja-fix: updating OS label in Jenkinsfile after upgrade to Focal for runner

* ninja-fix: openjdk@1.17.0 instead of openjdk@17 for ASF CI
patch by Jane He; reviewed by Bret McGuire and Alexandre Dutra

* Remove unnecessary locking in DefaultNettyOptions

This value is initialized at constructor time and marked final, so it
can never change. There is no need to have access to this reference
synchronized.

Patch by Jason Koch; reviewed by Alexandre Dutra, Andy Tolbert and Jane He

* CASSJAVA-89 fix: support schema options that changed in Cassandra 5.0

Patch by Michael Karsten; reviewed by Abe Ratnofsky and Andy Tolbert for CASSJAVA-89

* Eliminate lock in ConcurrencyLimitingRequestThrottler

Following from 6d3ba47 this changes the throttler to a complete
lock-free implementation. Update the related comments and README now
that it is lock-free.

Patch by Jason Koch; reviewed by Alexandre Dutra and Andy Tolbert

* Change groupId in README

patch by Ivan Sopov; reviewed by Bret McGuire
reference: apache#2049

* manual: correct the codeblock directive

patch by Kefu Chai; reviewed by Andy Tolbert and Bret McGuire
reference: apache#1940

* CASSJAVA-92: Local DC provided for nodetool clientstats
patch by Lukasz Antoniak; reviewed by Bret McGuire and Abe Ratnofsky for CASSJAVA-92

* CASSJAVA-97: Let users inject an ID for each request and write to the custom payload

patch by Jane He; reviewed by Abe Ratnofsky and Bret McGuire for CASSJAVA-97

* Changelog entries for 4.19.1

patch by Bret McGuire; reviewed by Andy Tolbert

* [maven-release-plugin] prepare release 4.19.1

* [maven-release-plugin] prepare for next development iteration

* CASSJAVA-116: Retry or Speculative Execution with RequestIdGenerator throws "Duplicate Key"
patch by Jane He; reviewed by Andy Tolbert and Lukasz Atoniak for CASSJAVA-116

* Changelog updates for 4.19.2

patch by Bret McGuire; reviewed by Lukasz Antoniak and Andy Tolbert
reference: apache#2062

* [maven-release-plugin] prepare release 4.19.2

* chore: bump version to 4.19.2.0-SNAPSHOT

* fix: resolve merge conflicts from apache/cassandra-java-driver 4.19.2

- BasicLoadBalancingPolicy: add missing closing brace for getLocalRack()
- DefaultLoadBalancingPolicy: remove unused ThreadLocalRandom import
- OptionalLocalDcHelper: add LinkedHashSet import; restore upstream
  checkLocalDatacenterCompatibility() call + ScyllaDB all-nodes DC
  mismatch warning
- InitialNodeListRefresh / MetadataManager: restore ScyllaDB version
- CqlRequestHandler: fix logPrefix -> handlerLogPrefix; fix
  NodeResponseCallback constructor
- DefaultSelect / Select: CqlDuration import, withOrderings, short
  constructor fixes
- DefaultDriverOption: fix {link inet.ipaddr} -> {code} in javadoc
- CqlPrepareAsyncProcessor: restore ScyllaDB PR #892 isDone() guard
- CcmBridge: remove upstream updateconf block that unconditionally
  enabled UDF on Scylla
- pom.xml: add revapi analysisConfiguration suppressing
  java.class.externalClassExposedInAPI
- DeleteIT: add 3 missing imports
- RequestIdGeneratorIT: @rule -> @ClassRule / static for correct
  class-level @BackendRequirement evaluation
- DeleteReactiveIT: revert to CcmRule.getInstance()

* Drop CASSJAVA-92: remove startup driver baggage / LBP configuration reporting

CASSJAVA-92 added getStartupConfiguration() to LoadBalancingPolicy, wired
it into StartupOptionsBuilder.build() via a new DRIVER_BAGGAGE key, and
exposed configuredLocalDc() in OptionalLocalDcHelper.  We are not sending
driver configuration to the server in this form; this will be re-implemented
separately.

Changes:
- LoadBalancingPolicy: remove getStartupConfiguration() default method
- StartupOptionsBuilder: remove DRIVER_BAGGAGE key and driverBaggage()
  helper; drop Jackson / ImmutableMap / LBP imports
- DefaultDriverContext: revert LazyReference<StartupOptionsBuilder> back to
  LazyReference<Map<String,String>>; rename buildStartupOptionsFactory ->
  buildStartupOptions (returns built map directly)
- BasicLoadBalancingPolicy: remove getStartupConfiguration() override;
  revert getLocalDatacenter() visibility to protected; drop ImmutableMap import
- DefaultLoadBalancingPolicy: remove getStartupConfiguration() override;
  drop ImmutableMap import
- OptionalLocalDcHelper: inline configuredLocalDc() logic back into
  discoverLocalDc(); remove the extracted public method
- MockedDriverContextFactory: restore Optional<DriverExecutionProfile>
  factory pattern; remove getLoadBalancingPolicies() / getConsistencyLevelRegistry()
  overrides and all CASSJAVA-92 helper methods; retain ScyllaDB LWT stub
- StartupOptionsBuilderTest: remove two CASSJAVA-92-specific tests
- DefaultDriverContextTest / FixedHostNameAddressTranslatorTest /
  SubnetAddressTranslatorTest: update call sites to Optional.of(profile)

---------

Co-authored-by: Lukasz Antoniak <Lukasz.Antoniak@gmail.com>
Co-authored-by: Brad Schoening <bschoeni@gmail.com>
Co-authored-by: Benoit Tellier <btellier@linagora.com>
Co-authored-by: Stefan Miklosovic <smiklosovic@apache.org>
Co-authored-by: Ammar Khaku <ammar.khaku@gmail.com>
Co-authored-by: absurdfarce <bret.mcguire@datastax.com>
Co-authored-by: Henry Hughes <henry.hughes@datastax.com>
Co-authored-by: Jason Koch <jkoch@netflix.com>
Co-authored-by: Christian Aistleitner <christian.aistleitner@outlook.com>
Co-authored-by: janehe <jane.he@datastax.com>
Co-authored-by: Abe Ratnofsky <abe@aber.io>
Co-authored-by: absurdfarce <absurdfarce@apache.org>
Co-authored-by: Dmitry Kropachev <dmitry.kropachev@gmail.com>
Co-authored-by: janehe <siyaoh4@uci.edu>
Co-authored-by: Jeremy Hanna <jeremy.hanna1234@gmail.com>
Co-authored-by: SiyaoIsHiding <113857408+SiyaoIsHiding@users.noreply.github.com>
Co-authored-by: Alex Sasnouskikh <jahstreetlove@gmail.com>
Co-authored-by: Luc Boutier <luc.boutier@me.com>
Co-authored-by: Andy Tolbert <6889771+tolbertam@users.noreply.github.com>
Co-authored-by: Tatu Saloranta <tatu.saloranta@iki.fi>
Co-authored-by: Tatu Saloranta <tatu.saloranta@datastax.com>
Co-authored-by: alexsa <alex.sasnouskikh@adyen.com>
Co-authored-by: Michael Karsten <mkarsten3@gatech.edu>
Co-authored-by: Ivan Sopov <sopov.ivan@gmail.com>
Co-authored-by: Kefu Chai <kefu.chai@scylladb.com>
Co-authored-by: absurdfarce <bret.mcguire@ibm.com>
The Cassandra and Scylla integration workflows resolve matrix values such as
latest through helper scripts that can query GitHub. Without GH_TOKEN those
requests run anonymously, so CI can fail when the API requires authentication
or hits anonymous rate limits before the integration jobs start.

Pass github.token to the Cassandra and Scylla version-resolution steps and to
the Cassandra integration test step. Also pass the original CASSANDRA_VERSION
matrix value alongside CASSANDRA_VERSION_RESOLVED so the test helper can
distinguish the requested version from the concrete resolved version.

Co-authored-by: Mikita Hradovich <mikita@hradovich.me>
Publish the same native-protocol patch version through the BOM that the parent build already manages, so BOM consumers resolve the tested protocol artifact.
Match changed UDTs by keyspace and type name instead of full field equality. Result and variable metadata can contain a different field shape after ALTER TYPE, so full UDT equality is too strict and leaves affected prepared statements cached.

Ignore type-create events that do not have an old type, add a unit regression for nested UDT matching, and make PreparedStatementCachingIT retain cached futures so it validates invalidation rather than racing weak-value collection.
Micrometer requires valid expected histogram bounds even when SLA buckets are disabled. Stub the lowest, highest, and precision options in the no-SLA session metric test so it exercises the intended branch instead of failing while constructing the distribution configuration.
Raise the supported runtime and build floor to Java 11, and align docs, configuration, formatting, and dependency versions with that baseline.
Reject invalid subnet prefix strings so address translation fails clearly instead of accepting bad configuration.
Update maintained CI paths for the Java 11 baseline, including JDK 17 compiler flags, javadoc skips, authenticated version lookup, examples compilation, and runtime-specific reports.
Enable required annotation processors, silence Java 11 compiler warnings, and improve CCM cleanup logging so integration failures are easier to diagnose.

Update tests for newer Mockito behavior by avoiding shared MockitoJUnitRunner usage in parallel integration tests and by verifying cache interactions explicitly where the mock behavior changed.

Fix CI failures exposed by the updated validation matrix: provide Micrometer histogram bounds in the no-SLA test, register config-change listeners before manual reloads, avoid assuming a transient one-connection node state before reconnection wins the race, and validate prepared-statement invalidation through observable cache behavior instead of a test-only removal-listener latch.
Keep PRIMITIVE_CODECS public for source and binary compatibility, deprecate direct array access, and add getPrimitiveCodecs() as the immutable-list accessor.

Refs #908
nikagra and others added 7 commits May 28, 2026 20:07
The reusable workflow main_pr_events_jira_sync.yml in scylladb/github-automation
used actions/checkout@v4 (a tag ref), which violates the scylladb org policy
requiring all actions to be pinned to full commit SHAs.

This caused every PR targeting scylla-4.x to fail with:
  Error: The action actions/checkout@v4 is not allowed in scylladb/java-driver
  because all actions must be pinned to a full-length commit SHA.

Update the pinned SHA to ef3a6238c30003cbab9a339c32e5112f6889a197 which pins
actions/checkout to 34e114876b0b11c390a56381ad16ebd13914f8d5 (v4.3.1).

Fixes: #911
Upstream fix: scylladb/github-automation#192
…2026-45416

netty-handler prior to 4.1.135.Final is affected by two HIGH severity
vulnerabilities:

- CVE-2026-44249 (CVSS 8.1): IpSubnetFilterRule.compareTo() performs an
  incorrect masking operation, allowing attackers to bypass IPv6 subnet
  ACL rules with valid public IP addresses.

- CVE-2026-45416 (CVSS 7.5): SslClientHelloHandler.decode() eagerly
  allocates up to 16 MiB of unpooled memory when maxClientHelloLength=0
  (the SniHandler default). A crafted TLS ClientHello can trigger memory
  exhaustion (DoS).

One-line change in the root pom.xml. All consumers of java-driver-core
will inherit the fix transitively once a new driver release is published.

Tracked in: scylladb/kafka-connect-scylladb#184
Fixes scylladb/scylladb-docs-homepage#204

Straightforward fixes (typos / moved pages):
- faq/README.md, upgrade_guide/README.md: loadbalancing -> load_balancing path
- manual/core/non_blocking/README.md: remove trailing backtick from SyncCqlSession URL
- manual/developer/common/concurrency/README.md: same trailing backtick fix
- manual/core/reactive/README.md: remove trailing ] from DataStax devapp URL
- manual/core/statements/batch/README.md: http -> https; replace dead DSE 6.7 batch
  URL with canonical Cassandra CQL DML docs (#batch_statement anchor)
- manual/core/query_timestamps/README.md: replace dead DSE 6.0 LWT URL with
  canonical Cassandra CQL DML docs
- manual/mapper/entities/README.md: fix malformed ?# anchor and update to current
  Cassandra DML docs URL
- manual/mapper/daos/queryprovider/README.md: add missing /entity/ path segment in
  EntityHelper Javadoc URL

Opinionated fixes (replacement content chosen):
- README.md: replace defunct maven-badges.herokuapp.com badge with shields.io
  pointing to central.sonatype.com
- manual/core/load_balancing/README.md: replace dead DataStax fault-tolerance
  whitepaper PDF with YouTube video (https://www.youtube.com/watch?v=NT2-i3u5wo0)
- manual/core/graalvm/README.md: update GraalVM native-image resources URL to
  current path; drop hyperlinks from DSE geotypes and DSE Graph entries (pages do
  not exist in the Scylla driver docs)
- manual/core/metrics/README.md: update Micrometer JMX registry URL to current
  docs.micrometer.io path
- manual/developer/netty_pipeline/README.md: rename '### InFlightHandler' heading
  to '### In-Flight Handler' to match the existing anchor reference in
  request_execution/README.md

Verified clean (for these changes) via local `make -C docs linkcheck` run.
When the initial TCP connection to a node fails, ChannelPool.connectFuture
completes (so the pool is added to PoolManager.pools) while `channels` is
still null — initialize() is only called on the success path.

The four methods size(), getAvailableIds(), getInFlight(), and
getOrphanedIds() called Arrays.stream(channels) without guarding against
this, throwing NullPointerException whenever a Dropwizard Metrics reporter
(JMX, Graphite, etc.) scraped the gauge values during the reconnection
window.

Fix: mirror the pattern already used by next(), which checks
singleThreaded.initialized before touching channels. Using the volatile
initialized flag is correct by the JMM: the volatile write at line 365
(initialized = true) happens-after all channels writes, so any thread
that reads initialized == true is guaranteed to see channels as
fully populated.

Fixes: CUSTOMER-413
If the initial pool connection attempt fails, ChannelPool completes while still uninitialized and starts a reconnect loop. A session close during that state can complete immediately because there are no active channels yet.

When the pending reconnect later succeeds, the uninitialized reconnect path previously initialized the pool and kept the new channel open even though the pool had already been closed. This could leave a leaked channel and incorrectly publish channelOpened after shutdown.

Guard that reconnect-success path with isClosing: force-close the new channel and complete the reconnect attempt without initializing the pool. Add coverage for both closeAsync and forceCloseAsync when the first successful channel arrives after shutdown.
@dkropachev

Copy link
Copy Markdown

@dependabot , rebase

@dkropachev

Copy link
Copy Markdown

@copilot resolve the merge conflicts in this pull request

dependabot Bot and others added 2 commits June 24, 2026 04:44
Bumps [sphinx-scylladb-theme](https://github.com/scylladb/sphinx-scylladb-theme) from 1.9.1 to 1.9.2.
- [Release notes](https://github.com/scylladb/sphinx-scylladb-theme/releases)
- [Commits](scylladb/sphinx-scylladb-theme@1.9.1...1.9.2)

---
updated-dependencies:
- dependency-name: sphinx-scylladb-theme
  dependency-version: 1.9.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Copilot AI commented Jun 24, 2026

Copy link
Copy Markdown

@copilot resolve the merge conflicts in this pull request

Resolved. I rebased the PR onto scylla-4.x, migrated the bump to the current uv-based docs files (docs/pyproject.toml, docs/uv.lock), and fixed the conflict caused by removed docs/poetry.lock in commit f8ae998.

Copilot AI requested a review from dkropachev June 24, 2026 04:46
dkropachev added a commit that referenced this pull request Jun 24, 2026
Apply the sphinx-scylladb-theme update from PR #869 as a focused docs dependency bump.

PR #869 carries unrelated repository-wide changes on top of the dependency update, so this commit keeps the branch limited to the docs dependency metadata only.

Changes included:

- raise the docs pyproject dependency lower bound from sphinx-scylladb-theme >=1.9.1 to >=1.9.2

- refresh docs/uv.lock to pin sphinx-scylladb-theme 1.9.2 with the matching sdist and wheel hashes
@dkropachev

Copy link
Copy Markdown

copilot can't fix it, move over to #932

@dkropachev dkropachev closed this Jun 24, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 24, 2026

Copy link
Copy Markdown
Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot
dependabot Bot deleted the dependabot/pip/docs/sphinx-scylladb-theme-1.9.2 branch June 24, 2026 11:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

7 participants