Open source software library / Database connection pool / BoneCP

BoneCP Java database connection pool

Collection two hundred
comment nine
error correction
BoneCP is participating 2021 OSC China Open Source Project Selection , please vote for it!
BoneCP in 2021 OSC China Open Source Project Selection {{projectVoteCount} has been obtained in, please vote for it!
2021 OSC China Open Source Project Selection It is in hot progress. Come and vote for your favorite open source project!
2021 OSC China Open Source Project Selection>>> Midfield Review
BoneCP won the 2021 OSC China Open Source Project Selection "The Best Popularity Project" !
Authorization Agreement Apache
development language Java
operating system Cross platform
Software type Open source software
Classification program development Database connection pool
Open source organizations nothing
region Unknown
deliverer sweet potato
intended for unknown
Recording time 2009-11-28
Software Home Page
Official download
eighty-six
Safety index
  • overview
  • information
  • Blog
  • Q&A
  • security information

Software Introduction

BoneCP is a high-performance open source java database connection pool implementation library. It is designed to improve the performance of the database connection pool. According to some test data, BoneCP is the fastest connection pool. BoneCP is very small, only over 40 K (required for runtime slf4j and guava And the two together are not small) C3P0 It costs more than 600 K.

Online API doc: http://www.ostools.net/apidocs/apidoc?api=bonecp

Expand to read the full text

code

comment

Click to join the discussion 🔥 (9) Post and join the discussion 🔥
Score the software:
oschina
oschina
Published information
2013/05/01 00:00

BoneCP 0.8.0 RC2 released, Java connection pool

The BoneCP 0.8.0 RC2 snapshot version was released on April 30, and the official did not give any improvement instructions for this version. It seems that the developers of BoneCP did not submit the code to Github, because it has not been updated for three months. Download address: https://oss.sonatype.org/content/groups/public/com/jolbox/bonecp/0.8.0-rc2-SNAPSHOT/ BoneCP is a high-performance open source java database connection pool implementation library. It is designed to improve the performance of the database connection pool. According to some test data, BoneCP is the fastest connection pool. BoneC...

ten
eleven
report
Ethan-
Ethan-
Published information
2012/12/19 00:00

BoneCP 0.8.0 Beta3 released

Bonecp released the beta version 0.8.0 at the beginning of December. Download address: https://oss.sonatype.org/content/groups/public/com/jolbox/bonecp/0.8.0-beta3-SNAPSHOT/ There is no more detailed information about this version at this time. BoneCP is a high-performance open source java database connection pool implementation library. It is designed to improve the performance of the database connection pool. According to some test data, BoneCP is the fastest connection pool. BoneCP is very small, only over 40 K (the runtime requires the support of slf4j and guava, which together are quite large), while C3

five
seven
report
sweet potato
sweet potato
Published information
2011/04/05 00:00

BoneCP 0.7.1 official release, Java connection pool

BoneCP is a high-performance open source java database connection pool implementation library. It is designed to improve the performance of the database connection pool. According to some test data, BoneCP is the fastest connection pool. The official version of BoneCP 0.7.1 has just been released. Compared with the 0.7.0 version, the changes include:+the enhancement of many connection pool statistics+the repair of OSGi related problems+Allow datasource getConnection (username, password) + Recognize new postgresql SQLstate to trigger a pool restart + Added config option externalAuth ...

three
five
report
sweet potato
sweet potato
Published information
2010/12/28 00:00

Java connection pool BoneCP 0.7.1 RC1 release

BoneCP is a high-performance open source java database connection pool implementation library. It is designed to improve the performance of the database connection pool. According to some test data, BoneCP is the fastest connection pool. BoneCP is very small, only over 40K (the runtime requires the support of log4j and Google Collections, which together are quite large), compared with C3P0, which is more than 600K. BoneCP 0.7.1 RC1:+Added overloaded methods for BoneCPConfig to be able to specify the tips via a TimeUnit parameters+ Catch...

two
two
report
sweet potato
sweet potato
Published information
2010/10/14 00:00

Java connection pool BoneCP 0.7.0 official release

BoneCP version 0.7.0 contains many improvements and adjustments. In addition, the authorization protocol is changed from LGPL to Apache. Details include: Features:+The new architecture makes the connection pool performance better+The authorization protocol is changed from LGPL to Apache+OSGi support+Add maxConnectionAge to give a maximum time a connection will be kept alive+ Add ability to load default XML config file (with overrides) + Added onBeforeStatementExecute and onAfterStatementExecute hooks. + Added connection/statement...

zero
two
report
sweet potato
sweet potato
Published information
2010/09/02 00:00

BoneCP 0.7.0 RC2 was released, significantly improving performance

BoneCP 0.7 released the first RC version on July 29 and the second RC version on August 20. So this is an old news. BoneCP 0.7 is a new branch. It uses a completely different core architecture, and its performance has been significantly improved (true or false, BoneCP has been very fast, and now it has been significantly improved, how fast is it?). The 0.7 RC2 version adds OSGi support to RC1. In addition, since BoneCP version 0.7, the original LGPL has been changed to Apache 2.0. Download BoneCP 0.7: http://jolbox.com/bone...

two
one
report
sweet potato
sweet potato
Published information
2010/07/28 00:00

BoneCP 0.6.7.2 release, Java connection pool

BoneCP is an open source fast JDBC connection pool. BoneCP is very small, only over 40K (the runtime requires the support of log4j and Google Collections, which together are quite large), compared with C3P0, which is more than 600K. This version is a maintenance version, which mainly fixes some minor problems in use, including: 1 Fixes were made for idleMaxAge/idleConnectionTester, multiple nodes in XML configuration, 2. Fixes NPE on getConnection timeout. 3. Batch statements... are logged properly. 4. T...

zero
two
report
sweet potato
sweet potato
Published information
2010/06/28 00:00

BoneCP 0.6.6 official release, Java connection pool

After four RC versions, BoneCP 0.6.6 finally released the official version. The main improvements in this version are: Feature: Add driver properties option Feature: Support configuration information in XML format Feature: Log statements too+quote strings Feature: enhance onAcquireFail (+fix small bug) Feature: Support connection timeout configuration Feature: Fully compatible JDK5 Feature: expose internal statements Feature: add onConnectionException hook Feature: support to disable connect

two
one
report
sweet potato
sweet potato
Published information
2010/06/05 00:00

BoneCP 0.6.6 RC1 released

BoneCP is an open source fast JDBC connection pool. In this version, the onConnectionException method is added to catch exceptions caused by connection failures. It no longer relies on the log4j log package; There are also some small improvements in other aspects. See here for details. Download BoneCP 0.6.6 RC1 http://jolbox.com/bonecp/downloads/maven/com/jolbox/bonecp/0.6.6-rc1/

zero
one
report
sweet potato
sweet potato
Published information
2010/04/21 00:00

BoneCP 0.6.5 released, high-performance Java connection pool

BoneCP is an open source fast JDBC connection pool. BoneCP is very small, only over 40K (the runtime requires the support of log4j and Google Collections, which together are quite large), compared with C3P0, which is more than 600K. This version is equivalent to the 0.6.5 RC3 version, because the community did not report more bugs on the basis of RC3 (the reason why the editors think the main users are relatively few). Download BoneCP 0.6.5

zero
zero
report
sweet potato
sweet potato
Published information
2010/04/11 00:00

BoneCP 0.6.5 RC3 released, Java connection pool

BoneCP is an open source fast JDBC connection pool. Feature: Automatic replay of transaction on brokered connections (allows seamless restart of database without affecting application) Feature: Allow disabling JMX Feature: Add custom name to JMX/created threads Feature: Use weakReferences to safely close off connections that were left unclosed by the application without losing performance Feature...

one
zero
report
sweet potato
sweet potato
Published information
2010/03/24 00:00

BoneCP 0.6.5 RC1 release, database connection pool

Improvements in this version include: - Warn when an application forgets to close resources - Display parameter information when logging statements - Improvement: Adds getters/setters for DataSource/Hibernate provider - isClosed() method returns the logical closed state instead of the real state. Download BoneCP 0.6.5 RC1

zero
zero
report
sweet potato
sweet potato
Published information
2010/03/02 00:00

BoneCP 0.6.4 official release, Java connection pool

Changes: 1. This release adds a lazyInit feature to start connection pools lazily. 2. It adds DynamicDataSourceProxy to allow for seamless switching of a data source at runtime. 3. It performs a test connection early in the startup to fail gracefully. 4. It will issue warnings to an app if the user doesn't release a statement. 5. Several bugfixes (don't lose exceptions when showing errors, and ...

zero
zero
report
sweet potato
sweet potato
Published information
2010/02/08 00:00

BoneCP 0.6.4 RC1 release, Java connection pool

Improvements: * Inspect defaults when setup via manual way (via BoneCPConfig) * Close resource (memory) leak introduced with statement caching, * add ability to specify classloader to use * no longer fail if JDBC driver is not specified This makes it possible to load the JDBC driver externally for eg in a container server. Download address: http://jolbox.com/download.html...

zero
zero
report
sweet potato
sweet potato
Published information
2010/01/24 00:00

BoneCP 0.6.3 release, high-performance database connection pool

Improvements in this version: 1 Add the acquireRetryDelay configuration item to specify the timeout time for trying to obtain a connection; 2. Modify setPreparedStatementsCacheSize to setStatementsCacheSize 3 Trace statements that are not in the cache for tuning and downloading BoneCP 0.6.3

zero
zero
report
sweet potato
sweet potato
Published information
2010/01/13 00:00

BoneCP 0.6.3-rc1 released, Java connection pool

I posted a post on BoneCP's forum complaining that BoneCP has bound Log4J. Today, when I went to this forum, the webmaster got a new reply, saying that the log framework has been changed to SLF4J, but it is also bound. The version is 0.6.3 rc1. However, the website does not provide the download of this version, and can only pull code from the version library. The official version will be released later.

two
zero
report
sweet potato
sweet potato
Published information
2010/01/08 00:00

Released by BoneCP 0.6.2

BoneCP is an open source fast JDBC connection pool. BoneCP is very small, only over 40 K (the runtime requires the support of log4j and Google Collections, which together are quite large). Download BoneCP 0.6.2, the source code package

zero
zero
report
sweet potato
sweet potato
Published information
2009/12/28 00:00

Java connection pool BoneCP 0.6.0 released

BoneCP is an open source fast JDBC connection pool. The improvements of version 0.6.0 include: 1 Add the function of obtaining asynchronous connection through getAsyncConnection method 2 Added callback hook for database connection 3 Added the function of sending a specific statement to the first acquired connection 4 The connection object not encapsulated by BoneCP can be directly obtained through the getRawConnection() method 5 Use the Connection. close() method to replace the original releaseConnection() method 6 Move Hibernate's Provider class to the sub package

six
zero
report
No more
Loading failed, please refresh the page
Click to load more
Loading
next page
{{o.author.name}}
Blogged
{{o.pubDate | formatDate}}

{{formatAllHtml(o.title)}}

{{parseInt(o.replyCount) | bigNumberTransform}}
{{parseInt(o.viewCount) | bigNumberTransform}}
report
No more
No content temporarily
{{o.author.name}}
Issued a question and answer
{{o.pubDate | formatDate}}

{{formatAllHtml(o.title)}}

{{parseInt(o.replyCount) | bigNumberTransform}}
{{parseInt(o.viewCount) | bigNumberTransform}}
report
No more
No content temporarily
Apache Log4j Code Problem Vulnerability
Deserialization
Log4j is a Java based open source logging tool of the Apache Software Foundation. Log4j version 1.2 includes a SocketServer class. Without verification, this SocketServe class can easily accept serialized log events and deserialize them. When used in combination with the deserialization tool, this class can be used to remotely execute arbitrary code.
CVE-2019-17571 MPS-2019-17271
2022-08-08 18:09
Google Guava Access Control Error Vulnerability
Incorrect permission granting for critical resources
Google Guava is a Java core library of Google, which includes graphic library, function type, I/O and string processing. There is an access control error vulnerability in Guava before 30.0. The vulnerability originates from a temporary directory creation vulnerability in Guava, which allows attackers accessing machines to potentially access files from Guava com. google. common. io. Files The data in the temporary directory created by createTempDir(). An attacker can use this vulnerability to access special directories.
CVE-2020-8908 MPS-2020-17429
2022-08-08 18:09
Apache Log4j Trust Management Vulnerability
Improper certificate verification
Apache Log4j is a Java based open source logging tool of the Apache Foundation. There is a trust management vulnerability in Apache Log4j. The vulnerability originates from SmtpAppender's failure to verify whether the host name matches the SSL/TLS certificate of the SMTPS connection. An attacker can use this vulnerability to intercept the SMTPS connection and obtain log messages by implementing man in the middle attack.
CVE-2020-9488 MPS-2020-6684
2022-08-08 18:09
Apache Log4j security vulnerability
When an attacker has write access to the Log4j configuration, the JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data. An attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations, causing JMSAppender to execute JNDI requests, thus executing remote code in a manner similar to CVE-2021-44228. Please note that this problem only affects Log4j 1.2 when JMSAppender is specifically configured (not the default setting). The lifecycle of Apache Log4j 1.2 ended in August 2015. Users should upgrade to Log4j 2 because it solves many other problems in previous versions.
CVE-2021-4104 MPS-2021-38359
2022-08-08 18:09
Apache Log4j SQL injection vulnerability
SQL injection
According to the design, the JDBC Appender in Log4j 1.2. x accepts SQL statements as configuration parameters, where the value to be inserted is the converter from PatternLayout. Message converter% m may always be included. This allows attackers to manipulate SQL by entering specially crafted strings into the input fields or headers of the recorded application, allowing unexpected SQL queries to be executed. Please note that this problem will affect Log4j 1. x only when it is specifically configured to use JDBC Appender (not the default setting). Starting from version 2.0-beta8, the JDBC Appender has been reintroduced to properly support parameterized SQL queries and further customize the columns written to the log. The lifecycle of Apache Log4j 1.2 ended in August 2015. Users should upgrade to Log4j 2 because it solves many other problems in previous versions.
CVE-2022-23305 MPS-2022-1444
2022-08-08 18:09
Apache Log4j Code Problem Vulnerability
Deserialization
CVE-2020-9493 found a deserialization problem in Apache Chainsaw. Prior to Chainsaw V2.0, Chainsaw was a component of Apache Log4j 1.2. x. The same problem existed.
CVE-2022-23307 MPS-2022-1445
2022-08-08 18:09
Apache Log4j Code Problem Vulnerability
Deserialization
When an attacker has write access to the Log4j configuration or references the LDAP service that the attacker has access to, all JMSSinks in Log4j 1. x are vulnerable to deserialization of untrusted data. An attacker can provide a TopicConnectionFactoryBindingName configuration to enable JMSSink to execute JNDI requests, thus executing remote code in a manner similar to CVE-2021-4104. Please note that this problem only affects Log4j 1. x when it is specifically configured to use JMSSink (not the default setting). The lifecycle of Apache Log4j 1.2 ended in August 2015. Users should upgrade to Log4j 2 because it solves many other problems in previous versions.
CVE-2022-23302 MPS-2022-1446
2022-08-08 18:09
Google Guava Code Problem Vulnerability
Unrestricted or regulated resource allocation
Google Guava is a Java core library of Google, which includes graphic library, function type, I/O and string processing. There is a code problem vulnerability in Google Guava 11.0 to 24.1.1 (excluding 24.1.1). The vulnerability originates from the improper design or implementation of the network system or product code development process.
CVE-2018-10237 MPS-2018-5515
2022-08-08 18:09
No more
Loading failed, please refresh the page
Click to load more
Loading
next page

Awesome software

Change
Pale Moon -Web browser
13th floor -Text based adventure games
RetroArch -Cross platform simulator
Fluent System Icons -Microsoft Fluent UI system icon set
Resource planet -Resource Planet (Chinese version)
Ambient -Multiplayer game engine
DoctorGPT -GPT integrated error diagnosis tool
Liferea -RSS Reader under Linux
Xmind -Mind mapping software
Lunar Mind -Mind mapping tool developed by WPF
DBeaver -Database management tools
Anolis OS -Linux distributions supporting multiple architectures
FinalCrypt -Open source file encryption tool
Mongoose OS -Internet of Things Firmware Development Framework
Dust-Rust -Rust version du command
Cerebras-GPT -Large model of natural language processing
CookieBlock -Browser cookie auto execution extension
RapidOCR -Cross platform OCR library
PuTTY -Remote login client
Lexical translation -Browser translation plug-in
Apache Groovy -JVM Dynamic Scripting Language
AutoCut -Clip a video with a text editor
rdesktop -Remote Desktop Client
DataEase -Open source data visualization analysis platform
ToolJet -Low code framework
City clicker -Urban construction game
Broken Words Static Blog
espanso -Cross platform text extender
FileCodeBox -Document Express Cabinet
CyberChef -Online version of "Swiss Army Knife"

Hot content

More highlights
DB Engines was acquired by Redgate, a British database software developer
Kugua Cloud Classroom (Enterprise Edition) v1.2.8 release, knowledge payment solution
: fire:: fire: Super SDK version manager VMR v0.6.1 preview version surprise release! Support more than 60 languages and tools!
Top 10 distinctive highlights of the new ORM mybatis mp
The first anniversary of open source, the new version of Qinghua was released
MooTool 1.6.1 is released, and developers always have small tools
Jboot v4.1.6 release, based on JFinal microservice framework
Blazork8s released a new version, updated AI execution command logic, and added multiple AI functions
Kangaroo database tool v5.0 has been released
Open Source Daily | Out of the box ChatTTS installation package; Scaling Law is an empirical formula; Two baby dads AI revive old toys; Academicians of the Chinese Academy of Engineering talk about AI; The story of autonomous kernel MCU is hard to tell? TikTok "American Special Edition" recommended algorithm
SQLE 3.2405.0 Release
Maximizing the Effective Throughput of LLM Serving
State fine-tuning, PointRWKV, Chinese documents online... The latest news of RWKV community in May is coming!
Java AI has a bright future
Databases that do not need data
This PHP application server looks a bit trendy! FrankenPHP
The Code R&D management platform - the innovative realization of the integration of daily reports and working hours
The easy-to-use ORM framework mybatis-mp 1.5.3 was released
GRPC 1.64.1 release, cross language RPC framework
Malware is rampant in pirated Microsoft Office
Practice of Netease Yunxin Service Monitoring Platform
go, iris , nuxt, Application and practice of server-side rendering and other technologies in helloworld developer community
Docker File System Practice
Thoroughly understand the import and export of Javascript modules
Free psychological assistance | NetEase Yunxin joined hands with a little smart "heart" to protect against the epidemic
True · Programmer's Guide to May Day | Recommended Books
Netease Seven Fish Service Governance Practice
Yidun public opinion data cleaning "dynamic" and "static" separation scheme
How is a question answering robot with a matching rate of up to 90% refined?
Netease Yunxin Instant Messaging Push Guarantee and Network Optimization Details (III)
Summary of Android instant messaging development (I)
Netease Smart Enterprise Node.js Practice (2) | Smooth release and front-end code
From beginner to advanced | How to build a video conference based on WebRTC
Analysis of lightweight pre training model more suitable for text classification
Things about iOS App development 2: How to build a suitable framework
Active Noise Cancelling
Audio session management of WebRTC series
Video test practice without reference evaluation in Yunxin
Data report scheme based on Elastic search
An article that is easy to understand makes you thoroughly understand Java annotations
Things about iOS App development 1: How to establish appropriate specifications
Handwritten Java LinkedList core source code
How to quickly realize the short video function on the mobile end?
The Way to Balance Network QoS -- Introduction to Audio and Video Weak Network Countermeasures
Industry Observation | Smart screens are bursting, can the big screen market usher in the losers?
Full Practice of Lianmai Interactive Live Broadcast Scheme 2: Evolution of NetEase Cloud Trust Lianmai Interactive Live Broadcast Scheme
[Heavy Release] NetEase Yunxin Quality Data Monitoring Platform Opens NetEase Yunxin
An article to thoroughly understand what Java's big class is
Technology drives remote finance, and Netease Yunxin creates zero touch service
Self rescue of traditional business enterprises under the epidemic | 4 Tips set up broadcast rooms with sales exceeding 100 million yuan
Detailed explanation of IM push guarantee and network optimization (I): how to realize backstage survival without affecting user experience
Heart of technology | Yunxin and TA work together to start the epidemic prevention war
Build a real-time audio and video engine from 0 to 1
Video private cloud practice: build on-demand private cloud platform based on Docker
Thoroughly understand the class design principle - single responsibility principle
Netease Smart Enterprise Node.js Practice (3) | Gray environment and application monitoring
Five simple steps to easily build a local "clubhouse"
Video auxiliary stream of WebRTC series
Architecture and Practice of QUIC Acceleration Service of Netease Yunxin
10 years of programmers' programming language experience and Go's affinity
Detailed explanation of IM push guarantee and network optimization (II): how to make a long connection plus push combination scheme
Mobile IM Development Guide 1: How to select technology
Netease smart enterprise Node.js practice (1) | Node application architecture design and React isomorphism
Job Hunt "Epidemic" | Netease Yunxin Joins Hands with Binjiang District Human Resources and Social Security Bureau to Achieve "Contactless" Recruitment
Random talk on multi tenant design of enterprise level SaaS
What is cross domain and how to solve it? It's easy to understand, and it will take you to finish
Netease Practical Sharing | Yunxin IM SDK Interface Design Practice
Handwritten Java HashMap core source code
Understand the essence of https principle in plain English
Details of PostgreSQL Array Types
What is cross domain and how to solve it? It's easy to understand, and it will take you to finish
Many people can't understand HTTPS, but I can
How to ensure a large-scale live broadcast of ten million levels?
QoS policy in real-time audio and video conference scenario
Principle of binary search tree and Java source code implementation
Chief architect of Netease Cloud Information streaming media: how to build a new generation of audio and video technology architecture?
How to scientifically complete an AR press conference? It's all in this super detailed event planning Xmind
Detailed explanation of four ways of submitting data by POST in HTTP
Mobile IM Development Guide 2: Heartbeat Command Details
On fast reconnection mechanism of websocket
Yesterday, Today and Tomorrow of Echo Cancellation
The four highlights of NetEase Smart Enterprise 2020 Meeting are the first to see!
How to play mobile social? Netease Yunxin, together with Zaizao and Uki, creates more new scenes!
Discussion on SaaS Data Drive
Implementation Practice of AI Driven Super Resolution Technology
Yunxin Classroom | How to Realize Audio and Video Call
Breaking the traditional noise reduction technology to see the practical application of Netease Yunxin in voice noise reduction
##How can we use the developer community to improve our technology?
Summary of Android instant messaging development (II)
Representatives of the NPC and CPPCC discuss financial digital transformation NetEase Cloud Trust helps upgrade financial services
How to design the server architecture when hundreds of thousands of people chat online in the live broadcast room at the same time?
Technical Practice | Talk about the signaling network library practice of NetEase Yunxin
Under the epidemic | They are contributing to the strength of this era
Mobile IM Development Guide 3: How to Optimize the Login Module
IM instant messaging: how to design chat room architecture out of traditional thinking?
Full Practice of Lianmai Interactive Live Broadcast Scheme 3: Implementation Scheme of NetEase Cloud Trust Lianmai Interaction
Talk about the application and design of front-end log base in SaaS products

Popular comments of the whole site

F
Francesca 2024-05-19 18:00
Wine runs the Android emulator of Windows. Chrome OS is installed in the Android emulator. Linux environment is installed in chrome OS. Linux environment is installed in the Linux environment. Wine is installed in the Android emulator
haol666
haol666 2024-05-31 18:56
This story is powerful, I take it seriously, until I see the end.
-SORA-
-SORA- 2024-06-01 09:30
American characters
M
MrChen89 2024-04-29 09:18
There are a group of people like this. I don't know what they have experienced. When it comes to HW, I can't say anything good, even if it's neutral
Brother Xiao Yang
Brother Xiao Yang 2024-06-01 20:39
Isn't Ali developed? What are you afraid of? There's no need for every family to set up a set
Li Yinghui
Li Yinghui 2024-05-09 16:40
Buddhism has a good word, evil opinion. In dealing with the world, it is meaningless to draw conclusions from preset positions; It is also important to receive good logic training.
Qin Liming
Qin Liming 2024-05-11 09:12
be devoid of any sense of shame
z
zhy 2024-05-16 13:16
At the end of Shannon is Nong
Yokesily
Yokesily 2024-06-02 15:11
So designed
Yoona520
Yoona520 2024-05-17 16:34
Zhou Hongyi is now living more and more like a clown. If he stays behind the scenes, he has to become an online celebrity. Can you learn from Lei Jun?
Xiao Xu Middle aged
Xiao Xu Middle aged 2024-06-01 06:49
thank
Single structure
Single structure 2024-05-11 10:09
Selected as Open Source China's disgrace pillar
osc_566335
osc_566335 2024-04-28 14:44
This is also called floor washing? Does it mean that Tesla will not wash the floor if it releases all the source code? Some people HWptds? That is to say, the language is ambiguous, which will also rise to the washing ground? Are some people too focused? Think the people he pays attention to must be staring at?
oldpig
oldpig 2024-04-28 09:59
”Huawei contributed all the source code "?, the title is completely inconsistent with the content.
Voice of God
Voice of God 2024-06-01 20:47
By default, injection ($) and splicing are turned off. If you want to use it, you need to sign the birth and death form and press the fingerprint.
One code Yma
One code Yma 2024-05-06 09:14
My technical article was moved by CSDN. Why didn't anyone step on the sewing machine? This kind of report is a joke to me. The monsters with background are fine, and the monsters without background fight to death
Xiao Xu Middle aged
Xiao Xu Middle aged 2024-05-31 19:13
Very good
osc_25732934
osc_25732934 2024-06-01 19:30
It seems that the current version of the Foreign Function&Memory API is not as fast as that of jni, or even worse. In addition, before vallhala comes out, all interactions between java and c have to get an additional memory. Even if it comes out, it may not be possible to directly throw a copy of binary data into memory as a structure. When the two apis are completely stable, the day lily is cold
sweet potato chips
sweet potato chips 2024-05-31 22:08
Glue code consumes few resources
Dogo_Little People
Dogo_Little People 2024-06-02 12:24
Not everyone will go to see the document in full detail. As a general basic framework, the method naming should consider not only readability but also understandability. At least, it should also establish a cognition for developers. LambdaQueryWrapper is recommended. The official only briefly said that QueryWrapper may lead to SQL injection risks, There are no detailed examples (many people don't understand what SQL injection is). Now I met a jerk and submitted it to CVE to see who is the most powerful
Yeah, for
Yeah, for 2024-05-17 13:42
That's too right. Old Zhou can't control Google, but he can control 360. Do not do to others what you do not want. All 360 products should be opened first.
All the way north GP
All the way north GP 2024-04-25 14:55
America, the future of mankind
Apizza
Apizza 2024-06-01 17:52
You can switch from lodash to radash in 2024!!!
CodeDoger
CodeDoger 2024-05-02 20:48
35 It's too old to go to work and too early to retire at 60
Rocket ship
Rocket ship 2024-05-31 19:22
It's a ghost anyway.
g
gamedot 2024-05-17 11:14
Old Zhou is deeply concerned about Huawei's great cause of open source. He is not a Huawei person, but has Huawei's soul.
Ma Nong Little Fatty Brother
Ma Nong Little Fatty Brother 2024-05-16 14:40
I give you six seconds. I give you six moves with the same effect in the martial arts contest, which shows the invincibility and confidence of the master
Shuimu Yi'an
Shuimu Yi'an 2024-05-20 09:58
The news should be read continuously. I'm waiting for the third news besides rustdesk and teamviewer. Localized remote desktop software is far ahead.
Small and beautiful software development
Small and beautiful software development 2024-06-01 05:06
Cheat one's job
-SORA-
-SORA- 2024-04-30 17:07
When this happened in a foreign country, the comment area suddenly became very objective and rational**
xiaoqibabby
xiaoqibabby 2024-05-15 17:36
The bank is strongly required to be responsible for
Bright Stars 2
Bright Stars 2 2024-05-31 23:28
Remove Unsafe? You don't want netty anymore?
kangaroo
kangaroo 2024-06-01 22:23
The next version focuses on improving existing functions * improving internal power and qi * and continues to move towards the goal of Grand Master.
One code Yma
One code Yma 2024-05-09 09:58
Recently, I often go to interviews. People who hate Ali background most regard me as a fool, even though I am a fool
Ning Jinnong
Ning Jinnong 2024-06-01 21:04
Correct it. The example of loading the library is wrong. It should be # library=@ loading the dynamic library, "./yards to the treasurer. dll"
Love to eat raw pears
Love to eat raw pears 2024-06-01 19:18
Don't expect programmers to have a deep understanding of the document. I still think that since the tool hides the details of $#, some necessary security checks are necessary. Many people do not use MybatisPlus directly, but use various so-called rapid development platforms. The MyBatisPlus rapid development platform Snowy, Guns, etc., has an impression that many versions have the problem of using Wrapper directly to splice the Request parameter. I remember that JeecgBoot was opened a lot of CVEs last year or the year before last because of the Wrapper splicing problem. Do you know the author of ibeetl? Many CVE blaming holes have been opened before. The problem is similar. The lack of basic knowledge "script editing permission" is actively handed over to the front end. What a low-level error or even low-energy behavior. However, I accepted it with an open mind and added a white list check.
Hakuna
Hakuna 2024-05-31 18:28
It is compatible with Oracle, but does not know "just" or "just". Those who can be compatible with Oracle and do well are real men and real warriors. You should know that compatibility means that even bugs must be compatible, and you have no other code that can not be copied. It's all based on real skills and understanding of oracle.
Starry Night Destiny
Starry Night Destiny 2024-06-01 21:49
It feels like Mybatis. It's OK to provide users with optional security solutions. It's useless for users to complain about this problem
People are addicted to food
People are addicted to food 2024-06-01 13:53
History history combination
monkey_cici
monkey_cici 2024-05-09 00:25
My I9 CPU, 64GB memory module and 3080Ti computer are inferior to the top configuration of 19999 on a tablet
osc_92224065
osc_92224065 2024-04-29 10:57
Long term oppressed outsourcing of state-owned enterprises
Code craftsman
Code craftsman 2024-06-01 11:22
I also said "user controllable parameters"
Xiao Xu Middle aged
Xiao Xu Middle aged 2024-06-01 07:03
good
The seven in one little King Kong
The seven in one little King Kong 2024-06-02 15:54
Those people only use resources, others are not developed by NPM...
kakai
kakai 2024-05-10 10:21
The world only knows that Android was created by Google. Several people know that Android is only a product acquired by Google. Similarly, what is the problem with Huawei's contribution to the collection of OGG open source work and integration into its own proprietary product line?
jalena
jalena 2024-05-31 23:57
I can imagine that I will also receive the CVE repair request next week..... I don't use the key!!!!!!!!!
Monkeys think of apes
Monkeys think of apes 2024-05-31 18:31
You can cheat your brother. Just don't cheat yourself
sunday12345
sunday12345 2024-05-15 18:31
What does the bank do? It's blamed on the remote desktop. Persimmons really pick up soft pinches~?
Bright
Bright 2024-05-19 23:25
What a fool! I killed myself. How can people deal with me later.
Chief taxi captain
Chief taxi captain 2024-05-17 11:17
I suggest that 360 open source all its products, and then become the leading enterprise in the domestic open source industry through open source, leading everyone to compete with foreign enterprises
young crops
young crops 2024-06-01 16:21
There is no tipping point. There are also many official documents stating that SQL fragments involving direct string splicing need to be controlled by the user, and specific solutions are also provided. If you say that the value part is injected, then we are also 100% free of any dispute. This obvious SQL fragment is unrealistic for ORM to explain without your control, Since SQL allows splicing fragments, there must be some scenarios that cannot be forced into non SQL strings. It is also very simple. Have you ever thought about why not force them???
Shen Lang Panda
Shen Lang Panda 2024-06-01 08:16
You can directly ask questions in the project work order. The comment area is not suitable for answering such questions
G
GDWhisperer 2024-05-15 17:23
I transferred tens of thousands of yuan to my own account, which was under risk control. How did I do this? The bank should be responsible for this**
Happy LeapFrog
Happy LeapFrog 2024-05-18 09:18
But the question is: "What's the use of this for ordinary Android users?" Now the answer seems to be: "Almost nothing.".
Love to eat raw pears
Love to eat raw pears 2024-06-01 11:48
Why is this so-called "vulnerability" not a vulnerability? Spring, MyBatis and other frameworks can accept all kinds of CVE criticism, while MyBatisPlus has to dump the pot and accuse programmers of being too low-level# There is a difference. The premise is that you write XML, MyBatisPlus encapsulates Wrapper and claims to simplify code. Since it encapsulates and hides $#, it is not appropriate to do some necessary security checks? Instead of doubting the authority of CVE, you should know that SQL ->MyBatis ->MyBatisPlus ->various back-end scaffolds have multiple layers, each layer is simplifying, and each layer is throwing away the upper layer of the boiler. Who dares to use them. The programmers who use MyBatisPlus can't be expected to be at a high level. Every programmer wants to save effort. The front-end parameters can be directly obtained by HttpServletRequest from the back-end. Wrapper splicing can be found everywhere. If something goes wrong, is it the front-end or the framework? According to Qingmiao, can the injection vulnerability of the previous log4j and the deletion vulnerability of the Druid be used to eliminate low-level programmers?
Monkeys think of apes
Monkeys think of apes 2024-05-31 18:31
You can cheat your brother. Just don't cheat yourself
zzeric
zzeric 2024-04-28 20:01
Although France is the parent community, the core developers of OCCT on github are all Russians. Without Russians, the French parent community cannot continue to operate. So Huawei took over, moved to China, changed its name and resumed open source and community operations. What's the problem?
Simple code
Simple code 2024-06-02 20:15
Does JBoot solve the problem that the join template in JFinal only supports Java 8? Is the dependency on Javax to be changed to Jakarta?
looly
looly 2024-06-02 14:32
@Qingmiao Hutool has also been mentioned some loopholes that I think are relatively "low-level", or I think are not loopholes. At first, I was also very angry, but after thinking it through, I found that CVE's idea was that once you did not actively remind users that there was a pit, the user fell into the pit is your fault, that is, your vulnerability. For example, as a traffic policeman, you should remind everyone who crosses the road to pay attention to safety, and ask him to answer whether he knows. Once you don't remind someone and are hit by a car, you can't get away from it. Similarly, when using frameworks and tools, you should provide at least one parameter to remind users that there may be SQL injection vulnerabilities. Note that it is not in the comments, but in the method parameters, which is the user's responsibility. Therefore, it is not comprehensive to provide solutions in comments or documents.
infoworld
infoworld 2024-05-11 15:12
Universities should use open source free software instead of commercial ones. In this way, hands and feet will not be tied technically.

Others are still watching

More highlights
DB Engines was acquired by Redgate, a British database software developer
Kugua Cloud Classroom (Enterprise Edition) v1.2.8 release, knowledge payment solution
: fire:: fire: Super SDK version manager VMR v0.6.1 preview version surprise release! Support more than 60 languages and tools!
Top 10 distinctive highlights of the new ORM mybatis mp
The first anniversary of open source, the new version of Qinghua was released
MooTool 1.6.1 is released, and developers always have small tools
Jboot v4.1.6 release, based on JFinal microservice framework
Blazork8s released a new version, updated AI execution command logic, and added multiple AI functions
Kangaroo database tool v5.0 has been released
Open Source Daily | Out of the box ChatTTS installation package; Scaling Law is an empirical formula; Two baby dads AI revive old toys; Academicians of the Chinese Academy of Engineering talk about AI; The story of autonomous kernel MCU is hard to tell? TikTok "American Special Edition" recommended algorithm
SQLE 3.2405.0 Release
Maximizing the Effective Throughput of LLM Serving
State fine-tuning, PointRWKV, Chinese documents online... The latest news of RWKV community in May is coming!
Java AI has a bright future
Databases that do not need data
This PHP application server looks a bit trendy! FrankenPHP
The Code R&D management platform - the innovative realization of the integration of daily reports and working hours
The easy-to-use ORM framework mybatis-mp 1.5.3 was released
GRPC 1.64.1 release, cross language RPC framework
Malware is rampant in pirated Microsoft Office
The 10th Anniversary Event of ECUG Con: Exploring the deepest practice of cloud technology with celebrities
Full summary of cloud storage application scenarios - audio and video
Invite friends to win the grand prize! Come and draw your signature for 2019 New Year!
Qiniu Cloud is invited to explore the value of financial data through joint auction and loan
Qiniu's wedding ceremony in 2015, about?
Troubleshooting of Difficult and Complicated Problems of Live Broadcasting (II): Playing Carton
Press conference of "Green Entrepreneurship Plan": invite you to witness the new era of college students' entrepreneurship
New function of Qiniu cloud audio and video: audio support AAC_HE
[Activity] Developer's Best Practice Day · Issue 11 - HTML5 and Native App Application Technology Practice
Qiniu Yungong Jing: Continuous delivery platform based on container and big data platform
Jointly build a public security standard system | Qiniuyun and Rui'an Technology reach deep strategic cooperation
Changes of Qiniu data processing architecture
Full summary of cloud storage application scenarios – App, HTML5, Web applications
Qiniu Cloud Storage delivers love declaration to developers through the OSChina platform
Get filters, animations, AR special effects, and quickly show off your short video development special effects!
After cloud computing, the next battlefield of Go: game industry
(II) Mining the infinite value of big data in traditional industry logs
Data migration practice of Caibai
Troubleshooting of Difficult and Miscellaneous Problems of Live Broadcasting Part 3: Slow Start
Cloud data processing makes services lighter Pang Xiangcai (1213 Developer Practice Day)
How can the 300+R&D team maintain the high quality and efficiency of the project?
Object storage JavaScript SDK update, instant experience of simpler and reliable services
ECUG 2015 | Xu Shiwei: The choice of programming language is not about camp, but about taste
Qiniuyun Shopping Carnival Season | Winning the King Jinniu Award
[Warm Spring Gifts] Seven Bulls Customer Care Million Red Packets Come in April!
New Murphy's Law of Cloud Computing
ECUG Con 2014 Technical Dry Goods Sharing Phase II
Why is the breakup between CoreOS and Docker predestined
[Special review on ECUG] Re talk about CERL: Detailed discussion on the differences between GO and ERLANG's concurrent programming models - Xu Shiwei
Use the concept of 12 factor to quickly create high maintainability applications - Ye Feng (1213 developer practice day)
Qi Niuyun Du Jianghua: Let Cloud+AI become the standard configuration of enterprise services
From zero to one, use the real-time audio and video SDK to develop a Zoom
Qiniuyun Feng Liyuan: Evolution of Edge Storage
How to build a high throughput log platform
How to eliminate "bad video"? She teaches you the first step hand in hand
Qiniu Yun Peng Yao: Innovation and development of intelligent platform
With more than 100 million users, how can mature products fully embrace the public cloud?
Mid Autumn Festival National Day welfare | Join the technology charging plan and vote to win the nut mobile phone!
Small program live broadcast is emerging, ready to embrace the latest growth trend?
How to build an efficient and independent container cloud delivery platform?
Tell me your favorite open source project, and Qiniu will support it with you!
Developer's Best Practice Day · Issue 4 - Triathlon software, hardware, cloud
Live quiz must read: technology pits and new play methods that must be known in advance
Had to stay up late Manual
I'm Huang Jianshi. I met my ex girlfriend at work
Qiniu Cloud helps you survive the cold winter | At 10:24 every day, new users get the full amount free of charge
Selection of technical architecture of log analysis system in the scale of 100 billion
Qiniuyun Li Chaoguang: Deep learning platform helps hundred million level content audit system
The 2018 China Short Video Developer Creativity Competition is coming, and the 10000 yuan cash prize invites you to fight!
Help developers to enter overseas markets and accelerate the launch of Qiniu global service
Practical Experience of Highly Available Scalable Architecture
ECUG Con 2018 Morning Bird Ticket Hot Sale | Celebrities Gather to Explore the Next Decade of Cloud Computing
How to develop highly reliable services based on k8s? Container Yunniuren has something to say
Qiniu Cloud successfully passed CMMI3 certification
Developer Best Practice Day · Issue 14 - Technology Drives the Future of E-commerce
It's time to learn the real spark technology
[Double Twelfth] At 12:12 on December 12, there was a limited amount of benefits grabbing. Cloud computing didn't cut corners!
What is the best language in the last decade- Come to Gopher China Conference to find out
In depth analysis of kubernetes resource management, the container Yunniu has something to say
(I) Mining the infinite value of big data in traditional industry logs
Have you found the flavor of these years?
Process, thread, coroutine, synchronous, asynchronous, callback in Python
TAL Xie Hualiang: Application of AI in the Education Industry
How to realize video structured management with AI?
ECUG Con 2014 Technical Dry Goods Sharing Phase I
Cavalry to infantry? 10 minutes to figure out how to go to mosaic in live broadcast
Further Discussion on the Application Prospect of Go Language in Front End
What you want on the Double 11, we have prepared it for you in advance - Qiniuyun products start at 0.1 yuan
ECUG Con invites you to discuss the deepest practice of server development
[Container people must see] Three reasons why you must come to ECUG Con 2018!
[Class in Qiniuwan District] Communication mode between Ruby services
One of the series of live broadcast troubleshooting: broadcast failure
How can startups quickly build efficient monitoring systems?
Full summary of cloud storage application scenarios - picture application
Live broadcast preview: "Green onion entrepreneurship plan" conference
AR+real-time audio and video call, seamless integration of virtual and reality
Use pure Javascript to upload React Native files
The price of Qiniu audio and video services was officially lowered, making rich media become the standard configuration of applications
Dialogue with Qiniu AI Laboratory: Design and Thinking of Deep Learning Platform
How does the test service of the efficiency department of Qiniu Cloud project protect 700000+customers?

Software Author

Authors who have not been certified for this software
Certified as Author
Invite Author Certification

Recommendation of similar software

more

oput Front end data zero deposit and lump sum retrieval tool library

Oput is a tool library for front end reading data of predetermined length, which is equivalent to zero put do. The data obtained asynchronously is fragmented, and the length is uncertain (such as the data of tcp stream). The length of the data to be read is determined

Apache Kyuubi High performance general JDBC and SQL execution engine

Kyuubi is a high-performance general JDBC and SQL execution engine built on Apache Spark. Through Kyuubi, users can process big data like ordinary data, with the goal of becoming the "..."

Magician-JDBC The official JDBC component of Magician

Magician JDBC is the official JDBC component of Magician, which supports multiple data sources, single table operations without sql, and complex operations can write sql, transaction management and other documents https://magician-io.com Sample Guide

Kangaroo SQL client and management tool of database

Kangaroo database tool is a management client (SQLite/MySQL/PostgreSQL/...) built for popular database systems. It is based on the open source technology stack (GNOME) and supports table building, query, model, synchronization, import

BeeOP High performance Java object pool

BeeOP object pool is a lightweight high-performance Java object pool. Maven coordinate (Java7) dependency> <groupId>com.github.chris2018998</grou...

Hot News

one
Microsoft makes major updates to open source font Cascadia Code
two
Why JavaScript, Python and Java are always the first choice of developers
three
The new shares of Damon Data were listed, and online subscription was launched on Friday
four
Instant messaging software ICQ will be closed on June 26, 2024
five
Huawei announces that Olympus will become a hot issue in 2024 - 2 million yuan to solve AI and data storage problems
six
Tencent App Store has reached cooperation with Microsoft Store, and Windows can directly run mobile applications
seven
🏆 Tencent APIJSON 7 released, Huawei Cloud official number recommended • registered enterprise+1
eight
Google's search API document was accidentally released to GitHub: more than 2500 pages, revealing the inside story of search ranking
nine
Hackers use the mine sweeping game Python clone to hide malicious scripts and attack European and American financial institutions
ten
SQLite 3.46.0 release
nine comment
two hundred Collection
share
OSCHINA
Log in to view more high-quality content
Use WeChat to log in quickly
Back to top
Top