Axon Framework - Release 4.5.6

As of the 30th of December, we have released Axon Framework 4.5.6.
The majority of changes in this release are dependency updates for (1) ease of mind and (2) to resolve security predicaments.

Here is an exert of the most interesting changes made in this release:

  • Although Axon Framework doesn’t use the log4j-core dependency directly, we updated it to the most recent version for ease of mind.
    You can follow these increments in issues #2038, #2040 and #2052.

  • Contributor jasperfect spotted a predicament with duplicate aggregate creation combined with using caches.
    Axon didn’t invalidate the cache as it should have, causing unexpected behavior.
    You can find the issue description here.
    Additionally, you can find the pull request solving the problem here.

  • Contributor shubhojitr stated in issue #2051 that the axonserver-connector-java project pulled in a non-secure version of grpc-netty.
    As this isn’t an issue on Axon Framework itself, we solved the problem under the connector project.
    As a follow-up, we incremented the framework’s version for the axonserver-connector-java project to 4.5.4, which contains the most recent version of the grpc-bom.

For an exhaustive list of all the changes, check out the 4.5.6 release notes.