Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
github.com/apache/solr-operator
The Solr Operator is the official way of managing an Apache Solr ecosystem within Kubernetes. It is built on top of the Kube Builder framework. Please visit the official site for more information.
The project is Production Ready, and has been successfully used to manage production SolrClouds for some of the largest users of Solr.
The API Version is still beta (v1beta1
), and minor versions can have backwards-incompatible API changes.
However, the Solr Operator will always have upgrade paths that are backwards-compatible.
Please check the version compatibility and upgrade/deprecation notes for more information.
If you run into issues using the Solr Operator, please:
Join us on the #solr-operator channel in the official Kubernetes slack workspace.
Please visit the following pages for documentation on using and developing the Solr Operator:
helm/
are not guaranteed to be compatible with the last stable release, and should only be used for development purposes.Example uses of each CRD have been provided.
Make sure to check the Solr Operator Upgrade notes, before upgrading the Solr Operator or CRDs in your Kubernetes cluster.
This page also contains Version Compatibility Matrixes, which detail the compatible Solr versions and Kubernetes versions for each release of the Solr Operator.
We :heart: contributions.
Have you had a good experience with the Solr Operator? Why not share some love and contribute code, or just let us know about any issues you had with it?
We welcome issue reports here; be sure to choose the proper issue template for your issue, so that we can be sure you're providing the necessary information.
Before submitting a PR, please be sure to run make prepare
before committing.
Otherwise the GitHub checks are likely to fail.
If you are trying to run tests locally in IntelliJ/GoLand, refer to the IDEA tests docs.
Please refer to the E2E/Integration Testing guide for information on how to run full integration tests for your changes.
Please read the LICENSE file here.
The Solr Operator docker image contains NOTICE and LICENSE information in the /etc/licenses
directory.
This is different from the source release LICENSE and NOTICE files, so make sure to familiarize yourself when using the image.
This space applies the ASF Code of Conduct If you have any concerns about the Code, or behavior which you have experienced in the project, please contact us at private@solr.apache.org .
If you believe you have identified a security vulnerability in this project, please send email to the ASF security team at security@solr.apache.org, detailing the suspected issue and any methods you've found to reproduce it. More details can be found here
Please do NOT open an issue in the GitHub repository, as we'd prefer to keep vulnerability reports private until we've had an opportunity to review and address them.
The Solr Operator was donated to Apache Solr by Bloomberg, after the v0.2.8 release. Many thanks to their contributions over the years!
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.