Skip to content

[Backport 2.19-dev] Support nested aggregation when calcite enabled (#4979)#5012

Merged
LantaoJin merged 1 commit into
opensearch-project:2.19-devfrom
LantaoJin:backport/backport-4979-to-2.19-dev
Jan 5, 2026
Merged

[Backport 2.19-dev] Support nested aggregation when calcite enabled (#4979)#5012
LantaoJin merged 1 commit into
opensearch-project:2.19-devfrom
LantaoJin:backport/backport-4979-to-2.19-dev

Support nested aggregation when calcite enabled (#4979)

b5862aa
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / WhiteSource Security Check failed Jan 5, 2026 in 2m 27s

Security Report

1 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Vulnerable Library Direct Library Suggested Fix Issue
CVE-2025-68161

Path to dependency file: /integ-test/build.gradle

Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar

Dependency Hierarchy:

-> ❌ log4j-core-2.21.0.jar (Vulnerable Library)

Medium 5.4 Direct log4j-core-2.21.0.jar log4j-core-2.21.0.jar 2.25.3 None

Base branch total remaining vulnerabilities: 0
Base branch commit: 77633ef589d839c57c4c00fdc8a86d70a02d74d8


Total libraries scanned: 214

Scan token: 44d77fe68c3343d9972490d6d827ce54

View more details on Mend for GitHub.com