Re: [DISCUSS] PIP-139 : Support Broker send command to real close producer/consumer.

2022-01-31 Thread Michael Marshall
This proposal identifies an important issue that we should definitely solve. I have some questions. > When there are no user-created topics under a namespace, > Namespace should be deleted. This is supposed to mean that the namespace should be able to be deleted, correct? > For this reason, we n

Re: [DISCUSS] The default value of maxPendingChunkedMessage

2022-01-31 Thread Michael Marshall
> We found that there are inconsistencies between the code and the > documentation regarding the default value of maxPendingChunkedMessage. Great find! > A chunked buffer to contain all chunks could use much memory, for example, if > a > message was split into N chunks, since each chunk is 5MB b

Re: [DISCUSS] PIP-136: Sync Pulsar policies across multiple clouds

2022-01-31 Thread Michael Marshall
I think this is a very appropriate direction to take Pulsar's geo-replication. Your proposal is essentially to make the inter-cluster configuration event driven. This increases fault tolerance and better decouples clusters. Thank you for your detailed proposal. After reading through it, I have som

Re: [Discuss] Create new issues to SDKs in different languages

2022-01-31 Thread Michael Marshall
> This google sheet [1] has been already contributed to our community. > Everyone has access to view and comment on it. Thank you for clarifying. This google sheet is filled with very valuable, detailed information! My thought is that putting the information into a table on the website, and not j

[GitHub] [pulsar-helm-chart] csthomas1 edited a comment on pull request #219: Feature/pulsar manager v0.2.0 with jwt setup admin account creation

2022-01-31 Thread GitBox
csthomas1 edited a comment on pull request #219: URL: https://github.com/apache/pulsar-helm-chart/pull/219#issuecomment-1024620716 Okay, tests done and passing, I think this is good to go. -- This is an automated message from the Apache Git Service. To respond to the message, please log

[GitHub] [pulsar-adapters] dlg99 opened a new pull request #33: Add OWASP dependency checker

2022-01-31 Thread GitBox
dlg99 opened a new pull request #33: URL: https://github.com/apache/pulsar-adapters/pull/33 ### Motivation Add OWASP dependency checker into the build to scan dependencies for CVEs. ### Modifications Added OWASP dependency checker into the build ### Verifying this

Re: [PR] CI workflow to check dependencies with OWASP

2022-01-31 Thread Michael Marshall
Thank you for improving our process for vulnerable dependencies. > As a next step we can work on making it email the dev list when it fails +1 - I like this proposal. It will ensure that we have enough visibility to remediate vulnerabilities quickly. Thanks, Michael On Mon, Jan 31, 2022 at 3:07

Re: [PR] CI workflow to check dependencies with OWASP

2022-01-31 Thread Enrico Olivelli
Great idea I will review the PRs Thanks Enrico On Mon, 31 Jan 2022, 21:33 Andrey Yegorov wrote: > Hello, > > As a final step in the series of PRs to upgrade old dependencies with > various CVEs (by Nicolo and me) I added a PR that introduces an extra check on > pom.xml file changes: it will

[PR] CI workflow to check dependencies with OWASP

2022-01-31 Thread Andrey Yegorov
Hello, As a final step in the series of PRs to upgrade old dependencies with various CVEs (by Nicolo and me) I added a PR that introduces an extra check on pom.xml file changes: it will run OWASP dependency check and fail if any CVE level >= 7 is detected. Please review this PR https://github.com/ap

[GitHub] [pulsar-helm-chart] lhotari merged pull request #220: Increase Zookeeper probe timeouts

2022-01-31 Thread GitBox
lhotari merged pull request #220: URL: https://github.com/apache/pulsar-helm-chart/pull/220

[GitHub] [pulsar-helm-chart] lhotari commented on pull request #220: Increase Zookeeper probe timeouts

2022-01-31 Thread GitBox
lhotari commented on pull request #220: URL: https://github.com/apache/pulsar-helm-chart/pull/220#issuecomment-1026018475 > > 5 seconds seems to be too short a probe timeout on a system with low resources, such as in CI > > Were you seeing CI errors because of the low value? What ar

[GitHub] [pulsar-helm-chart] lhotari commented on a change in pull request #221: [Proxy] Configure metadata settings for Proxy

2022-01-31 Thread GitBox
lhotari commented on a change in pull request #221: URL: https://github.com/apache/pulsar-helm-chart/pull/221#discussion_r795889617 ## File path: charts/pulsar/templates/proxy-configmap.yaml ## @@ -27,6 +27,15 @@ metadata: {{- include "pulsar.standardLabels" . | nindent 4

[GitHub] [pulsar-helm-chart] michaeljmarshall commented on a change in pull request #221: [Proxy] Configure metadata settings for Proxy

2022-01-31 Thread GitBox
michaeljmarshall commented on a change in pull request #221: URL: https://github.com/apache/pulsar-helm-chart/pull/221#discussion_r795871113 ## File path: charts/pulsar/templates/proxy-configmap.yaml ## @@ -27,6 +27,15 @@ metadata: {{- include "pulsar.standardLabels" . | n

[GitHub] [pulsar-helm-chart] lhotari opened a new pull request #221: [Proxy] Configure metadata settings for Proxy

2022-01-31 Thread GitBox
lhotari opened a new pull request #221: URL: https://github.com/apache/pulsar-helm-chart/pull/221 ### Motivation - enables service discovery in the proxy - required by https://github.com/apache/pulsar/pull/14078 changes ### Modifications - configure `zookeeperServers`

CVE-2021-41571: Apache Pulsar: Pulsar Admin API allows access to data from other tenants using getMessageById API

2022-01-31 Thread Enrico Olivelli
Severity: moderate Description: In Apache Pulsar it is possible to access data from BookKeeper that does not belong to the topics accessible by the authenticated user. The Admin API get-message-by-id requires the user to input a topic and a ledger id. The ledger id is a pointer to the data, and