Bump org.opensearch:opensearch-core from current to 2.8.0 in /buildSrc/src/testKit/thirdPartyAudit

[dependabot]

Bumps org.opensearch:opensearch-core from current to 2.8.0.

Release notes

Sourced from org.opensearch:opensearch-core's releases.

2.8.0

2023-06-06 Version 2.8.0 Release Notes

[2.8]

Added

• [Extensions] Moving Extensions APIs to support cross versions via protobuf. (#7402)
• [Extensions] Add IdentityPlugin into core to support Extension identities (#7246)
• Add connectToNodeAsExtension in TransportService (#6866)
• [Search Pipelines] Accept pipelines defined in search source (#7253)
• [Search Pipelines] Add default_search_pipeline index setting (#7470)
• [Search Pipelines] Add RenameFieldResponseProcessor for Search Pipelines (#7377)
• [Search Pipelines] Split search pipeline processor factories by type (#7597)
• [Search Pipelines] Add script processor (#7607)
• Add 'unsigned_long' numeric field type (#6237)
• Add back primary shard preference for queries (#7375)
• Add task cancellation timestamp in task API (#7455)
• Adds ExtensionsManager.lookupExtensionSettingsById (#7466)
• SegRep with Remote: Add hook for publishing checkpoint notifications after segment upload to remote store (#7394)
• Add search_after query optimizations with shard/segment short cutting (#7453)
• Provide mechanism to configure XContent parsing constraints (after update to Jackson 2.15.0 and above) (#7550)
• Support to clear filecache using clear indices cache API (#7498)
• Create NamedRoute to map extension routes to a shortened name (#6870)
• Added @​dbwiddis as on OpenSearch maintainer (#7665)
• [Extensions] Add ExtensionAwarePlugin extension point to add custom settings for extensions (#7526)
• Add new cluster setting to set default index replication type (#7420)

Dependencies

• Bump com.netflix.nebula:gradle-info-plugin from 12.0.0 to 12.1.3 (#7564)
• Bump com.netflix.nebula:nebula-publishing-plugin from 19.2.0 to 20.2.0
• Bump com.google.protobuf:protobuf-java from 3.22.2 to 3.22.3
• Bump jackson from 2.14.2 to 2.15.0 (#7286)
• Bump com.netflix.nebula:nebula-publishing-plugin from 20.2.0 to 20.3.0
• Bump com.netflix.nebula.ospackage-base from 11.0.0 to 11.3.0
• Bump gradle.plugin.com.github.johnrengelman:shadow from 7.1.2 to 8.0.0
• Bump jna from 5.11.0 to 5.13.0
• Bump commons-io:commons-io from 2.7 to 2.12.0 (#7661, #7658, #7656)
• Bump org.apache.shiro:shiro-core from 1.9.1 to 1.11.0 (#7397)
• Bump jetty-server in hdfs-fixture from 9.4.49.v20220914 to 9.4.51.v20230217 (#7405)
• OpenJDK Update (April 2023 Patch releases) (#7448
• Bump org.apache.commons:commons-compress from 1.22 to 1.23.0 (#7462)
• Bump com.azure:azure-core from 1.34.0 to 1.39.0
• Bump com.networknt:json-schema-validator from 1.0.78 to 1.0.81 (#7460)
• Bump Apache Lucene to 9.6.0 (#7505)
• Bump com.google.cloud:google-cloud-core-http from 1.93.3 to 2.17.0 (#7488)
• Bump com.google.guava:guava from 30.1.1-jre to 32.0.0-jre (#7565, #7811, #7808, #7807)
• Bump com.azure:azure-storage-common from 12.20.0 to 12.21.1 (#7566, #7814)
• Bump org.apache.commons:commons-compress from 1.22 to 1.23.0 (#7563)
• Bump jackson from 2.15.0 to 2.15.1 (#7603)
• Bump net.minidev:json-smart from 2.4.10 to 2.4.11 (#7660, #7812)
• Bump io.projectreactor.netty:reactor-netty-core from 1.1.5 to 1.1.7 (#7657)

... (truncated)

Changelog

Sourced from org.opensearch:opensearch-core's changelog.

CHANGELOG

All notable changes to this project are documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning. See the CONTRIBUTING guide for instructions on how to add changelog entries.

[Unreleased 3.0]

Added

• Support for HTTP/2 (server-side) (#3847)
• Add getter for path field in NestedQueryBuilder (#4636)
• Allow mmap to use new JDK-19 preview APIs in Apache Lucene 9.4+ (#5151)
• Add events correlation engine plugin (#6854)
• Add support for ignoring missing Javadoc on generated code using annotation (#7604)
• Implement concurrent aggregations support without profile option (#7514)

Dependencies

• Bump log4j-core from 2.18.0 to 2.19.0
• Bump forbiddenapis from 3.3 to 3.4
• Bump avro from 1.11.0 to 1.11.1
• Bump woodstox-core from 6.3.0 to 6.3.1
• Bump xmlbeans from 5.1.0 to 5.1.1 (#4354)
• Bump azure-storage-common from 12.18.0 to 12.18.1 (#4164)
• Bump reactor-netty-core from 1.0.19 to 1.0.22 (#4447)
• Bump reactive-streams from 1.0.3 to 1.0.4 (#4488)
• Bump reactor-core from 3.4.23 to 3.5.1 (#5604)
• Bump jempbox from 1.8.16 to 1.8.17 (#4550)
• Bump spock-core from 2.1-groovy-3.0 to 2.3-groovy-3.0 (#5315)
• Update to Gradle 7.6 and JDK-19 (#4973)
• Update Apache Lucene to 9.5.0-snapshot-d5cef1c (#5570)
• Bump maven-model from 3.6.2 to 3.8.6 (#5599)
• Bump maxmind-db from 2.1.0 to 3.0.0 (#5601)
• Bump wiremock-jre8-standalone from 2.33.2 to 2.35.0
• Bump gson from 2.10 to 2.10.1
• Bump json-schema-validator from 1.0.73 to 1.0.76
• Bump joni from 2.1.44 to 2.1.45
• Bump org.jruby.joni:joni from 2.1.45 to 2.1.48
• Bump com.google.code.gson:gson from 2.10 to 2.10.1
• Bump com.maxmind.geoip2:geoip2 from 4.0.0 to 4.0.1
• Bump com.networknt:json-schema-validator from 1.0.76 to 1.0.78
• Bump com.avast.gradle:gradle-docker-compose-plugin from 0.16.11 to 0.16.12
• Bump org.apache.commons:commons-compress from 1.22 to 1.23.0
• Bump org.apache.commons:commons-configuration2 from 2.8.0 to 2.9.0
• Bump com.netflix.nebula:nebula-publishing-plugin from 19.2.0 to 20.3.0
• Bump com.diffplug.spotless from 6.17.0 to 6.18.0
• Bump io.opencensus:opencensus-api from 0.18.0 to 0.31.1 (#7291)
• Add org.reactivestreams 1.0.4 (7372)
• Add com.github.luben:zstd-jni version 1.5.5-3 (#2996)
• OpenJDK Update (April 2023 Patch releases) (#7344
• Bump com.amazonaws 1.12.270 to software.amazon.awssdk 2.20.55 (7372)
• Bump com.networknt:json-schema-validator from 1.0.81 to 1.0.83 (7933)
• Bump com.google.http-client:google-http-client:1.43.2 from 1.42.0 to 1.43.2 (7928))

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

The following labels could not be found: dependabot.

[github-actions]

Gradle Check (Jenkins) Run Completed with:

• RESULT: null ❌
• URL:
• CommitID: cded6b7
  Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green.
  Is the failure a flaky test unrelated to your change?

[dependabot]

Superseded by #195.