Bump com.hazelcast:hazelcast from 3.12.13 to 5.2.5 in /dubbo-plugin/dubbo-filter-cache

[dependabot]

Bumps com.hazelcast:hazelcast from 3.12.13 to 5.2.5.

Release notes

Sourced from com.hazelcast:hazelcast's releases.

v5.2.5

This document lists the enhancements and fixed issues for the Hazelcast Platform 5.2.5 release. The numbers in the square brackets refer to the issues and pull requests in Hazelcast's GitHub repository.

Enhancements

• Improved the permission checks in the file connectors by adding a method that returns the permissions required to resolve field names. #25674
• Updated the versions of following dependencies: ** Snappy to 1.1.10.5 ** gRPC to 1.59 ** Netty to 4.1.100.Final ** Elasticsearch to 7.17.13 ** Everit JSON Schema to 1.14.3 #24866, #25820, #25708, #25729, #25775

Fixes

• Fixed an issue where the entry listeners for Replicated Maps were checking the Map permissions instead of the Replicated Map permissions. #25971
• Fixed an issue where the map entries' metadata, such as time-to-live and expiration, was not replicated correctly over WAN after updating existing entries. #25506
• Fixed an issue where there was a difference between the elapsed clock time and elapsed total time when listening to migration events. #25066
• Fixed an issue where the member list was not updated after a cluster failover scenario. #24944
• Renamed the service port for Hazelcast clusters deployed in Kubernetes environments to hazelcast. The previous name, hazelcast-service-port, caused member auto-discovery for embedded deployments to fail. #24841
• Fixed an issue where Hazelcast was sending empty map interceptor information to the members that are newly joined to the cluster; it was causing eager map initializations. #24669

Removed/Deprecated Features

• Removed the evaluation tool (for trying out Platform 5.x features for IMDG 3.x users) and the relevant IMDG 3.x JAR libraries from Hazelcast Platform distributions. #25697

Contributors

We would like to thank the contributors from our open source community who worked on this release:

• Aleksei Zotov

v5.2.4

This document lists the enhancements and fixed issues for the Hazelcast Platform 5.2.4 release. The numbers in the square brackets refer to the issues and pull requests in Hazelcast's GitHub repository (github.com/hazelcast/hazelcast).

Enhancements

• Updated the version of jackson-core dependency to 2.15.2. #24730
• Hazelcast was sending requests to Kubernetes API when deploying an application with embedded Hazelcast and service-dns (DNS lookup mode) specified to a Kubernetes cluster. This was causing the requests to be unsuccessful and the application not to start. This mechanism has been improved by creating Kubernetes client only for the DNS lookup mode. #24045

Fixes

• Fixed an issue where some of the members in a Hazelcast cluster deployed on Kubernetes (as a statefulset) shut down with en exception in a delayed manner. #24709
• Fixed an issue where Jet job snapshots could be prematurely deleted after a restart of a cluster, having lossless restart enabled. #24576
• Fixed an issue where the SELECT COUNT(DISTINCT COLUMN) query for maps was producing incorrect results. #24490
• Fixed various issues in [Health Monitor] including incorrect metric names. #24634
• Fixed an issue where the REST calls were failing for Hazelcast clusters with TLS v1.3 configured, and deployed on Kubernetes. #24624
• Fixed an issue where SQL statements were failing when a class (to determine the fields of a key/value pair) no longer exists but the mapping is still valid. #24043

... (truncated)

Commits

• 8b1bd72 Upgrade version to 5.2.5
• c4f388d Adding OS RN for 5.2.5 (#827)
• 0c3b54d Best-effort fix for merging metadata over WAN after merge rejection [5.2.5] (...
• 1eec447 Extend permission checks in MessageTasks and add a test coverage [HZ-2090] [5...
• e394e3d Fix K8s service port [CN-894] [5.2.5] (#797)
• 06a10be [BACKPORT] Do not try to connect to the old member list after the cluster cha...
• 1239695 Make MigrationListener timers use wall-clock not CPU time [5.2.5][HZ-2651][HZ...
• 3939548 Correctly WAN replicate IMap metadata when updating existing records (#6514) ...
• 6c471c1 Use MapContainer to filter maps to be cleaned up when migrating off a partiti...
• 366fad9 Bump grpc to mitigate CVE-2023-44487 [5.2.5]
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 37.12%. Comparing base (aff603a) to head (ed8652c).

❗ There is a different number of reports uploaded between BASE (aff603a) and HEAD (ed8652c). Click for more details.

HEAD has 2 uploads less than BASE

Flag	BASE (aff603a)	HEAD (ed8652c)
unit-tests-java21	1	0
unit-tests-java8	1	0

Additional details and impacted files

@@              Coverage Diff              @@
##                3.3   #15726       +/-   ##
=============================================
- Coverage     60.76%   37.12%   -23.65%     
+ Complexity    11705    11703        -2     
=============================================
  Files          1938     1937        -1     
  Lines         88685    88666       -19     
  Branches      13387    13303       -84     
=============================================
- Hits          53892    32918    -20974     
- Misses        29261    51198    +21937     
+ Partials       5532     4550      -982     

Flag	Coverage Δ
integration-tests-java21	32.46% <ø> (+<0.01%)	⬆️
integration-tests-java8	32.54% <ø> (+0.09%)	⬆️
samples-tests-java21	32.09% <ø> (+0.10%)	⬆️
samples-tests-java8	29.76% <ø> (+0.03%)	⬆️
unit-tests-java21	?
unit-tests-java8	?

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[zrlw]

if bump com.hazelcast:hazelcast from 3.12.13 to 5.2.5, Hazelcast cluster instance needs to be started before running testcases of CacheFilterTest.
#15837 will do it.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.