chore(deps): 依赖构件版本升级[com.alibaba.nacos:nacos-client][3.2.0 => 3.2.1-2026.04.03] by dependabot[bot] · Pull Request #1200 · ACANX/MetaOpen

dependabot · 2026-04-03T14:56:42Z

Bumps com.alibaba.nacos:nacos-client from 3.2.0 to 3.2.1-2026.04.03.

Release notes

Sourced from com.alibaba.nacos:nacos-client's releases.

3.2.1-2026.04.03

Nacos 3.2.1-2026.04.03 is a snapshot release focused on critical bug fixes and feature enhancements for issues discovered in 3.2.0, particularly around AI module stability, database compatibility, and console UI improvements.

Key highlights include:

AI Registry Enhancements: Complete Prompt lifecycle management UI, AI resource trace logging, and enhanced list APIs with filters

Database Compatibility: PostgreSQL and Oracle schema fixes, deterministic pagination with ORDER BY clauses

Dependency Resolution: Upgraded MCP SDK to 0.17.0 to resolve json-schema-validator conflicts

Concurrency Fixes: Eliminated race conditions in AI publish pipeline, naming module, and client failover

Console UI: Fixed configuration editing errors, namespace ID validation, and batch import issues

Feature

#14807 Add Prompt lifecycle management UI for both legacy and next consoles

#14809 Enhance AI resource list APIs with filters and ordering support

#14794 Support force-publish skills for admin user

Enhancement/Refactor

#14743 Close CallableStatement in DerbySnapshotOperation to prevent JDBC resource leak

#14750 Fix check-then-act race condition in FailoverReactor.isFailoverSwitch

#14751 Fix check-then-act race conditions on ConcurrentHashMap in naming module

#14784 Validate input parameters in ops controller forms for better security

#14806 Improve cluster metrics aggregation completeness signal in v3 API

#14818 Improve cluster metrics aggregation completeness signal in v3 API

#14822 Extract duplicated logic from SkillOperationServiceImpl and AgentSpecOperationServiceImpl into AiResourceManager and VersionUtils

#14834 Upgrade UI dependencies for both legacy and next consoles

BugFix

#14046 Fix ConfigInfoMapperByMySql.findConfigInfoLike4PageFetchRows result accuracy on MySQL

#14741 Add ORDER BY to findConfigInfoLike4PageFetchRows for deterministic pagination

#14742 Add ORDER BY to findConfigInfoLike4PageFetchRows for deterministic pagination

#14746 Add ORDER BY to remaining MySQL pagination queries for deterministic results

#14747 Add ORDER BY to Oracle pagination queries for deterministic results

#14748 Add ORDER BY to Derby pagination queries for deterministic results

#14764 Fix namespace ID validation issue in new UI when adding custom namespace

#14765 Fix configuration file editing error in 3.2 console

#14768 Fix /v3/console/ai/mcp/importToolsFromMcp failure due to json-schema-validator dependency conflict

#14771 Fix batch import failure in legacy console UI

#14775 Add missing OIDC-related configurations to application.properties template

#14783 Remove downloadSkillZip from AiClientProxy interface and route skill download directly to HTTP client

#14786 Eliminate race condition in AI publish pipeline by pre-generating executionId

#14810 Fix PostgreSQL schema default timestamp issues causing startup failures

#14812 Set default timestamps to current time in Oracle and PostgreSQL schemas

#14828 Fix cross-type version contamination when querying ai_resource_version by name

#14832 Fix PostgreSQL compatibility issues for AI resource persistence and capacity modules

... (truncated)

Commits

a6ef263 chore(build): update project revision to 3.2.1-2026.04.03.
3f9d890 chore(config): remove default property files and enable servlet encoding. (#1...
3ad21fa fix(console-ui-next): fix login page loop and header when auth disabled (#14853)
e52214f [ISSUE #14833] Add AI resource trace logging and fix prompt bizTags handling ...
53427d1 docs: update CONTRIBUTING.md with detailed contribution guidelines (#14850)
94dcef9 feat(auth,ai) support auth ai resource subtype parse (#14847)
9591f52 fix(naming): change ActionTypes.WRITE to ActionTypes.READ for getting (#14849)
5e0ab60 fix: PostgreSQL compatibility fixes for AI resource and capacity modules (#14...
3268700 [Feature] Add Prompt lifecycle management UI for both legacy and next console...
cb7c775 feat(ai,plugin): add pipeline support for Prompt resource type (#14840)
Additional commits viewable in compare view

dependabot · 2026-04-03T14:56:43Z

Assignees

The following users could not be added as assignees: dependabot[bot]. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Please fix the above issues or remove invalid values from dependabot.yml.

dependabot · 2026-04-14T12:41:30Z

Dependabot couldn't find the branch dependa. Because of this, Dependabot cannot update this pull request.

…1316) Bumps [org.xerial:sqlite-jdbc](https://github.com/xerial/sqlite-jdbc) from 3.51.3.0 to 3.53.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/xerial/sqlite-jdbc/releases">org.xerial:sqlite-jdbc's releases</a>.</em></p> <blockquote> <h2>Release 3.53.0.0</h2> <h2>Changelog</h2> <h2>🚀 Features</h2> <p><strong>jdbc</strong></p> <ul> <li>expose wal_autocheckpoint pragma in SQLiteConfig (<a href="https://github.com/xerial/sqlite-jdbc/commits/dd2adcc">dd2adcc</a>), closes <a href="https://redirect.github.com/xerial/sqlite-jdbc/issues/1397">#1397</a></li> </ul> <p><strong>sqlite</strong></p> <ul> <li>upgrade to sqlite 3.53.0 (<a href="https://github.com/xerial/sqlite-jdbc/commits/baaf087">baaf087</a>)</li> </ul> <p><strong>unscoped</strong></p> <ul> <li>publish multiple classifer jars (<a href="https://github.com/xerial/sqlite-jdbc/commits/bdd2b64">bdd2b64</a>), closes <a href="https://redirect.github.com/xerial/sqlite-jdbc/issues/1273">#1273</a></li> <li>better Android support (<a href="https://github.com/xerial/sqlite-jdbc/commits/7eb6f3f">7eb6f3f</a>), closes <a href="https://redirect.github.com/xerial/sqlite-jdbc/issues/1378">#1378</a></li> </ul> <h2>🛠 Build</h2> <p><strong>deps</strong></p> <ul> <li>bump org.sonatype.central:central-publishing-maven-plugin (<a href="https://github.com/xerial/sqlite-jdbc/commits/19259e5">19259e5</a>)</li> <li>bump EndBug/add-and-commit from 9 to 10 (<a href="https://github.com/xerial/sqlite-jdbc/commits/f572217">f572217</a>)</li> </ul> <p><strong>deps-dev</strong></p> <ul> <li>bump surefire.version from 3.5.4 to 3.5.5 (<a href="https://github.com/xerial/sqlite-jdbc/commits/b649d25">b649d25</a>)</li> <li>bump org.assertj:assertj-core from 3.27.6 to 3.27.7 (<a href="https://github.com/xerial/sqlite-jdbc/commits/857a754">857a754</a>)</li> <li>bump org.mockito:mockito-core from 5.21.0 to 5.23.0 (<a href="https://github.com/xerial/sqlite-jdbc/commits/a597952">a597952</a>)</li> </ul> <h2>Contributors</h2> <p>We'd like to thank the following people for their contributions: Gauthier, Karl-Michael Edlinger, kju2</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/xerial/sqlite-jdbc/commit/f88e9c7b4d71a443fc9ce80c43e34cd85ceef338"><code>f88e9c7</code></a> chore(release): 3.53.0.0 [skip ci]</li> <li><a href="https://github.com/xerial/sqlite-jdbc/commit/bdd2b64a107ef3aef2168a4446cb2b1c59992ddf"><code>bdd2b64</code></a> feat: publish multiple classifer jars</li> <li><a href="https://github.com/xerial/sqlite-jdbc/commit/7eb6f3fb57c21e2d18a8145e2996caa0cdd398c3"><code>7eb6f3f</code></a> feat: better Android support</li> <li><a href="https://github.com/xerial/sqlite-jdbc/commit/23ead2e027a9868184ab5d363c66652f7d6c64ca"><code>23ead2e</code></a> chore: update native libraries</li> <li><a href="https://github.com/xerial/sqlite-jdbc/commit/baaf0870311ce780c7d15598fc080f3b31079aea"><code>baaf087</code></a> feat(sqlite): upgrade to sqlite 3.53.0</li> <li><a href="https://github.com/xerial/sqlite-jdbc/commit/dd2adcc879a3b9914f3953629536f3d53473f275"><code>dd2adcc</code></a> feat(jdbc): expose wal_autocheckpoint pragma in SQLiteConfig</li> <li><a href="https://github.com/xerial/sqlite-jdbc/commit/b649d257cbb030969cdbf2cf74d2a05b590ebf86"><code>b649d25</code></a> build(deps-dev): bump surefire.version from 3.5.4 to 3.5.5</li> <li><a href="https://github.com/xerial/sqlite-jdbc/commit/857a754356614e2705b1ce1a955b47b0333fedeb"><code>857a754</code></a> build(deps-dev): bump org.assertj:assertj-core from 3.27.6 to 3.27.7</li> <li><a href="https://github.com/xerial/sqlite-jdbc/commit/19259e5f34ed5a99515a0ae43711cddde0ef9158"><code>19259e5</code></a> build(deps): bump org.sonatype.central:central-publishing-maven-plugin</li> <li><a href="https://github.com/xerial/sqlite-jdbc/commit/a5979522b3a4b04020edda625891d2593638316a"><code>a597952</code></a> build(deps-dev): bump org.mockito:mockito-core from 5.21.0 to 5.23.0</li> <li>Additional commits viewable in <a href="https://github.com/xerial/sqlite-jdbc/compare/3.51.3.0...3.53.0.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.xerial:sqlite-jdbc&package-manager=maven&previous-version=3.51.3.0&new-version=3.53.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

@beta

…e] (#1312) Bumps [com.google.guava:guava](https://github.com/google/guava) from 33.5.0-jre to 33.6.0-jre. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/guava/releases">com.google.guava:guava's releases</a>.</em></p> <blockquote> <h2>33.6.0</h2> <h3>Maven</h3> <pre lang="xml"><code><dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> <version>33.6.0-jre</version>  <version>33.6.0-android</version> </dependency> </code></pre> <h3>Jar files</h3> <ul> <li><a href="https://repo1.maven.org/maven2/com/google/guava/guava/33.6.0-jre/guava-33.6.0-jre.jar">33.6.0-jre.jar</a></li> <li><a href="https://repo1.maven.org/maven2/com/google/guava/guava/33.6.0-android/guava-33.6.0-android.jar">33.6.0-android.jar</a></li> </ul> <p>Guava requires <a href="https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies">one runtime dependency</a>, which you can download here:</p> <ul> <li><a href="https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.3/failureaccess-1.0.3.jar">failureaccess-1.0.3.jar</a></li> </ul> <h3>Javadoc</h3> <ul> <li><a href="https://guava.dev/releases/33.6.0-jre/api/docs/">33.6.0-jre</a></li> <li><a href="https://guava.dev/releases/33.6.0-android/api/docs/">33.6.0-android</a></li> </ul> <h3>JDiff</h3> <ul> <li><a href="https://guava.dev/releases/33.6.0-jre/api/diffs/">33.6.0-jre vs. 33.5.0-jre</a></li> <li><a href="https://guava.dev/releases/33.6.0-android/api/diffs/">33.6.0-android vs. 33.5.0-android</a></li> <li><a href="https://guava.dev/releases/33.6.0-android/api/androiddiffs/">33.6.0-android vs. 33.6.0-jre</a></li> </ul> <h3>Changelog</h3> <ul> <li>Migrated some classes from <code>finalize()</code> to <code>PhantomReference</code> in preparation for <a href="https://openjdk.org/jeps/421">the removal of finalization</a>. (786b619dd6, 7c6b17c, aeef90988d)</li> <li><code>cache</code>: Deprecated <code>CacheBuilder</code> APIs that use <code>TimeUnit</code> in favor of those that use <code>Duration</code>. (73f8b0bb84)</li> <li><code>collect</code>: Added <code>toImmutableSortedMap</code> collectors that use the natural comparator. (64d70b9f94)</li> <li><code>collect</code>: Changed <code>ConcurrentHashMultiset</code>, <code>ImmutableMap</code> and <code>TreeMultiset</code> deserialization to <a href="https://openjdk.org/jeps/500">avoid mutating <code>final</code> fields</a>. In extremely unlikely scenarios in which an instance of that type contains an object that refers back to that instance, this could lead to <a href="https://docs.oracle.com/en/java/javase/26/docs/specs/serialization/input.html#the-readresolve-method:~:text=in%20cases%20where%20an%20object%20being%20serialized%20nominates%20a%20replacement%20object%20whose%20object%20graph%20has%20a%20reference%20to%20the%20original%20object">a broken instance</a> that throws <code>NullPointerException</code> when used. (8240c7e596, 046468055f)</li> <li><code>graph</code>: Removed <code>@beta</code> from all APIs in the package. (dae9566b73)</li> <li><code>graph</code>: Added support to <code>Graphs.transitiveClosure()</code> for different strategies for adding self-loops. (2e13df25b2)</li> <li><code>graph</code>: Added an <code>asNetwork()</code> view to <code>Graph</code> and <code>ValueGraph</code>. (909c593c61)</li> <li><code>hash</code>: Added <code>BloomFilter.serializedSize()</code>. (df9bcc251a)</li> <li><code>net</code>: Added <code>HttpHeaders.CDN_CACHE_CONTROL</code>. (75331b5030)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/google/guava/commits">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.google.guava:guava&package-manager=maven&previous-version=33.5.0-jre&new-version=33.6.0-jre)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [com.alibaba.nacos:nacos-client](https://github.com/alibaba/nacos) from 3.2.0 to 3.2.1-2026.04.03. - [Release notes](https://github.com/alibaba/nacos/releases) - [Changelog](https://github.com/alibaba/nacos/blob/develop/CHANGELOG.md) - [Commits](alibaba/nacos@3.2.0...3.2.1-2026.04.03) --- updated-dependencies: - dependency-name: com.alibaba.nacos:nacos-client dependency-version: 3.2.1-2026.04.03 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot Bot added the Dependabot Dependabot label Apr 3, 2026

dependabot Bot added 依赖:升级依赖升级自动化:提交自动化提交 Dependabot Dependabot labels Apr 3, 2026

dependabot Bot mentioned this pull request Apr 3, 2026

chore(deps): 依赖项升级[com.alibaba.nacos:nacos-client][3.2.0 => 3.2.1-2026.03.30] #1101

Closed

github-actions Bot changed the title ~~chore(deps): bump com.alibaba.nacos:nacos-client from 3.2.0 to 3.2.1-2026.04.03 in /meta-bom/bom-deamon~~ chore(deps): 依赖项升级[com.alibaba.nacos:nacos-client][3.2.0 => 3.2.1-2026.04.03] Apr 3, 2026

Base automatically changed from dependa to dev April 7, 2026 15:44

dependabot Bot changed the base branch from dev to dependa April 9, 2026 02:04

dependabot Bot force-pushed the dependabot/maven/meta-bom/bom-deamon/dependa/com.alibaba.nacos-nacos-client-3.2.1-2026.04.03 branch from 4681bc5 to 55b0275 Compare April 9, 2026 02:04

dependabot Bot changed the title ~~chore(deps): 依赖项升级[com.alibaba.nacos:nacos-client][3.2.0 => 3.2.1-2026.04.03]~~ chore(deps): bump com.alibaba.nacos:nacos-client from 3.2.0 to 3.2.1-2026.04.03 in /meta-bom/bom-deamon Apr 9, 2026

github-actions Bot changed the title ~~chore(deps): bump com.alibaba.nacos:nacos-client from 3.2.0 to 3.2.1-2026.04.03 in /meta-bom/bom-deamon~~ chore(deps): 依赖构件版本升级[com.alibaba.nacos:nacos-client][3.2.0 => 3.2.1-2026.04.03] Apr 9, 2026

Base automatically changed from dependa to dev April 9, 2026 02:11

dependabot Bot changed the base branch from dev to dependa April 14, 2026 14:16

dependabot Bot force-pushed the dependabot/maven/meta-bom/bom-deamon/dependa/com.alibaba.nacos-nacos-client-3.2.1-2026.04.03 branch from 55b0275 to dbe1e05 Compare April 14, 2026 14:16

dependabot Bot changed the title ~~chore(deps): 依赖构件版本升级[com.alibaba.nacos:nacos-client][3.2.0 => 3.2.1-2026.04.03]~~ chore(deps): bump com.alibaba.nacos:nacos-client from 3.2.0 to 3.2.1-2026.04.03 in /meta-bom/bom-deamon Apr 14, 2026

Base automatically changed from dependa to dev April 14, 2026 14:22

dependabot Bot added 3 commits April 16, 2026 03:06

dependabot Bot changed the base branch from dev to dependa April 15, 2026 19:08

dependabot Bot force-pushed the dependabot/maven/meta-bom/bom-deamon/dependa/com.alibaba.nacos-nacos-client-3.2.1-2026.04.03 branch from dbe1e05 to 3920d82 Compare April 15, 2026 19:08

github-actions Bot changed the title ~~chore(deps): bump com.alibaba.nacos:nacos-client from 3.2.0 to 3.2.1-2026.04.03 in /meta-bom/bom-deamon~~ chore(deps): 依赖构件版本升级[com.alibaba.nacos:nacos-client][3.2.0 => 3.2.1-2026.04.03] Apr 15, 2026

Base automatically changed from dependa to dev April 20, 2026 03:14

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): 依赖构件版本升级[com.alibaba.nacos:nacos-client][3.2.0 => 3.2.1-2026.04.03]#1200

chore(deps): 依赖构件版本升级[com.alibaba.nacos:nacos-client][3.2.0 => 3.2.1-2026.04.03]#1200
dependabot[bot] wants to merge 3 commits intodevfrom
dependabot/maven/meta-bom/bom-deamon/dependa/com.alibaba.nacos-nacos-client-3.2.1-2026.04.03

dependabot Bot commented on behalf of github Apr 3, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Apr 3, 2026

Uh oh!

dependabot Bot commented on behalf of github Apr 14, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

3.2.1-2026.04.03

Feature

Enhancement/Refactor

BugFix

Uh oh!

dependabot Bot commented on behalf of github Apr 3, 2026

Assignees

Uh oh!

dependabot Bot commented on behalf of github Apr 14, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Apr 3, 2026 •

edited

Loading