From 4fee8cd41a213733a9d821ff5172e16c711590f7 Mon Sep 17 00:00:00 2001
From: "opensearch-trigger-bot[bot]"
 <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com>
Date: Thu, 7 Dec 2023 10:35:23 -0800
Subject: [PATCH] Add 2.6.1 change log (#3830) (#3831)

Signed-off-by: Asif Sohail Mohammed <nsifmoh@amazon.com>
(cherry picked from commit 895deba8eee7a84ba67f11a436c8c54aa5c24212)

Co-authored-by: Asif Sohail Mohammed <nsifmoh@amazon.com>
---
 .../data-prepper.change-log-2.6.1.md          | 287 ++++++++++++++++++
 1 file changed, 287 insertions(+)
 create mode 100644 release/release-notes/data-prepper.change-log-2.6.1.md

diff --git a/release/release-notes/data-prepper.change-log-2.6.1.md b/release/release-notes/data-prepper.change-log-2.6.1.md
new file mode 100644
index 0000000000..ec18c7ef42
--- /dev/null
+++ b/release/release-notes/data-prepper.change-log-2.6.1.md
@@ -0,0 +1,287 @@
+
+* __Generated THIRD-PARTY file for 78088fb (#3828)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Thu, 7 Dec 2023 08:18:40 -0800
+    
+    EAD -&gt; refs/heads/2.6.1-change-log, refs/remotes/upstream/2.6
+    Signed-off-by: GitHub &lt;noreply@github.com&gt;
+    Co-authored-by: dlvenable
+    &lt;dlvenable@users.noreply.github.com&gt;
+
+* __Update to Logback 1.4.14 in performance test and sample app to fix CVE-2023-6481. Resolves #3817. (#3819) (#3820)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Thu, 7 Dec 2023 07:13:01 -0800
+    
+    
+    Signed-off-by: David Venable &lt;dlv@amazon.com&gt;
+    (cherry picked from commit 3d4d769103cb04c7ba50d55dfb588370400ff9d7)
+     Co-authored-by: David Venable &lt;dlv@amazon.com&gt;
+
+* __Bump joda-time:joda-time in /data-prepper-plugins/rss-source (#3789) (#3825)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Wed, 6 Dec 2023 14:46:48 -0800
+    
+    
+    Bumps [joda-time:joda-time](https://github.com/JodaOrg/joda-time) from 2.11.1
+    to 2.12.5.
+    - [Release notes](https://github.com/JodaOrg/joda-time/releases)
+    - [Changelog](https://github.com/JodaOrg/joda-time/blob/main/RELEASE-NOTES.txt)
+    
+    - [Commits](https://github.com/JodaOrg/joda-time/compare/v2.11.1...v2.12.5)
+    
+    ---
+    updated-dependencies:
+    - dependency-name: joda-time:joda-time
+     dependency-type: direct:production
+     update-type: version-update:semver-minor
+    ...
+     Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
+    Co-authored-by:
+    dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+    (cherry picked from commit 5b372ce4576f6dca2f7748a03f9c612d94c214c2)
+     Co-authored-by: dependabot[bot]
+    &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+
+* __Bump joda-time:joda-time in /data-prepper-plugins/s3-sink (#3798) (#3826)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Wed, 6 Dec 2023 14:46:37 -0800
+    
+    
+    Bumps [joda-time:joda-time](https://github.com/JodaOrg/joda-time) from 2.11.1
+    to 2.12.5.
+    - [Release notes](https://github.com/JodaOrg/joda-time/releases)
+    - [Changelog](https://github.com/JodaOrg/joda-time/blob/main/RELEASE-NOTES.txt)
+    
+    - [Commits](https://github.com/JodaOrg/joda-time/compare/v2.11.1...v2.12.5)
+    
+    ---
+    updated-dependencies:
+    - dependency-name: joda-time:joda-time
+     dependency-type: direct:production
+     update-type: version-update:semver-minor
+    ...
+     Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
+    Co-authored-by:
+    dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+    (cherry picked from commit 8d7414ced1730cea81b6f046f9196ff5373f2726)
+     Co-authored-by: dependabot[bot]
+    &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+
+* __Bump joda-time:joda-time in /data-prepper-plugins/s3-source (#3790) (#3827)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Wed, 6 Dec 2023 14:46:24 -0800
+    
+    
+    Bumps [joda-time:joda-time](https://github.com/JodaOrg/joda-time) from 2.11.1
+    to 2.12.5.
+    - [Release notes](https://github.com/JodaOrg/joda-time/releases)
+    - [Changelog](https://github.com/JodaOrg/joda-time/blob/main/RELEASE-NOTES.txt)
+    
+    - [Commits](https://github.com/JodaOrg/joda-time/compare/v2.11.1...v2.12.5)
+    
+    ---
+    updated-dependencies:
+    - dependency-name: joda-time:joda-time
+     dependency-type: direct:production
+     update-type: version-update:semver-minor
+    ...
+     Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
+    Co-authored-by:
+    dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+    (cherry picked from commit 0940af9b10f72b924418f566beca0687aaa5a0b3)
+     Co-authored-by: dependabot[bot]
+    &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+
+* __Bump org.apache.logging.log4j:log4j-jpl in /data-prepper-core (#3742) (#3823)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Wed, 6 Dec 2023 14:46:01 -0800
+    
+    
+    Bumps org.apache.logging.log4j:log4j-jpl from 2.21.1 to 2.22.0.
+    
+    ---
+    updated-dependencies:
+    - dependency-name: org.apache.logging.log4j:log4j-jpl
+     dependency-type: direct:production
+     update-type: version-update:semver-minor
+    ...
+     Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
+    Co-authored-by:
+    dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+    (cherry picked from commit d9da8692dcd745e9b15d3982cb90c42dd4765f74)
+     Co-authored-by: dependabot[bot]
+    &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+
+* __Bump org.apache.logging.log4j:log4j-bom in /data-prepper-core (#3743) (#3824)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Wed, 6 Dec 2023 14:45:39 -0800
+    
+    
+    Bumps
+    [org.apache.logging.log4j:log4j-bom](https://github.com/apache/logging-log4j2)
+    from 2.21.1 to 2.22.0.
+    - [Release notes](https://github.com/apache/logging-log4j2/releases)
+    -
+    [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc)
+    
+    -
+    [Commits](https://github.com/apache/logging-log4j2/compare/rel/2.21.1...rel/2.22.0)
+    
+    
+    ---
+    updated-dependencies:
+    - dependency-name: org.apache.logging.log4j:log4j-bom
+     dependency-type: direct:production
+     update-type: version-update:semver-minor
+    ...
+     Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
+    Co-authored-by:
+    dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+    (cherry picked from commit 606a05718da6520353f160300deccf5563f0cb08)
+     Co-authored-by: dependabot[bot]
+    &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+
+* __Bump org.apache.logging.log4j:log4j-bom in /data-prepper-expression (#3738) (#3822)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Wed, 6 Dec 2023 14:45:17 -0800
+    
+    
+    Bumps
+    [org.apache.logging.log4j:log4j-bom](https://github.com/apache/logging-log4j2)
+    from 2.21.1 to 2.22.0.
+    - [Release notes](https://github.com/apache/logging-log4j2/releases)
+    -
+    [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc)
+    
+    -
+    [Commits](https://github.com/apache/logging-log4j2/compare/rel/2.21.1...rel/2.22.0)
+    
+    
+    ---
+    updated-dependencies:
+    - dependency-name: org.apache.logging.log4j:log4j-bom
+     dependency-type: direct:production
+     update-type: version-update:semver-minor
+    ...
+     Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
+    Co-authored-by:
+    dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+    (cherry picked from commit ab8f65c64b9ee909b831f6ef15a6c0a71a05e85f)
+     Co-authored-by: dependabot[bot]
+    &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+
+* __Update to Data Prepper 2.6.1 for upcoming release. (#3818)__
+
+    [David Venable](mailto:dlv@amazon.com) - Wed, 6 Dec 2023 14:35:50 -0800
+    
+    
+    Signed-off-by: David Venable &lt;dlv@amazon.com&gt;
+
+* __Gradle project maintenance: Jackson 2.15.3, use the Jackson version from the BOM consistently, use the JUnit and Mockito from the version catalog consistently. (#3802) (#3812)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Wed, 6 Dec 2023 13:53:06 -0800
+    
+    
+    Signed-off-by: David Venable &lt;dlv@amazon.com&gt;
+    (cherry picked from commit d501af69c10b93efbb0c68abeeda4f5023323e18)
+     Co-authored-by: David Venable &lt;dlv@amazon.com&gt;
+
+* __Logback 1.4.12 in performance test project to fix CVE-2023-6378 (#3746) (#3811)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Wed, 6 Dec 2023 13:51:45 -0800
+    
+    
+    Use Logback 1.4.12 in the performance test project to fix CVE-2023-6378.
+    Resolves #3729
+    Use Logback 1.4.12 in the sample analytics project to fix
+    CVE-2023-6378. Resolves #3729
+     Signed-off-by: David Venable &lt;dlv@amazon.com&gt;
+    (cherry picked from commit ea8e33016b55bca29b4e2f467a95a61746ee83b8)
+     Co-authored-by: David Venable &lt;dlv@amazon.com&gt;
+
+* __FIX: deal with event with object size zero (#3806) (#3808)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Wed, 6 Dec 2023 15:17:40 -0600
+    
+    
+    * FIX: deal with event with object size zero
+     Signed-off-by: George Chen &lt;qchea@amazon.com&gt;
+    (cherry picked from commit ad62f74e46b395c7296723561f9e286ab55a61b7)
+     Co-authored-by: Qi Chen &lt;qchea@amazon.com&gt;
+
+* __Bump com.fasterxml.jackson.datatype:jackson-datatype-jsr310 (#3733) (#3748)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Fri, 1 Dec 2023 12:56:54 -0800
+    
+    
+    Bumps com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.15.2 to
+    2.16.0.
+    
+    ---
+    updated-dependencies:
+    - dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-jsr310
+     dependency-type: direct:production
+     update-type: version-update:semver-minor
+    ...
+     Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
+    Co-authored-by:
+    dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+    (cherry picked from commit c9338e7d980431710f04515567a2a240ecb0047e)
+     Co-authored-by: dependabot[bot]
+    &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
+
+* __Fix bug where update/upsert bulk action did not filter exclude/include keys, document_root_key, etc (#3747) (#3801)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Fri, 1 Dec 2023 14:28:16 -0600
+    
+    
+    Signed-off-by: Taylor Gray &lt;tylgry@amazon.com&gt;
+    (cherry picked from commit 48d0d727bb019e2b4018779bb54cc1b74258bf54)
+     Co-authored-by: Taylor Gray &lt;tylgry@amazon.com&gt;
+
+* __Require nimbus-jose-jwt 9.37.1 which fixes CVE-2021-31684 and CVE-2023-1370 by using a newer shaded version of json-smart. (#3720) (#3731)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Fri, 1 Dec 2023 11:10:36 -0800
+    
+    
+    Signed-off-by: David Venable &lt;dlv@amazon.com&gt;
+    (cherry picked from commit 048263fd846c5d63f664330fe365b0b95e938a87)
+     Co-authored-by: David Venable &lt;dlv@amazon.com&gt;
+
+* __Updates the example analytics-service to Spring Boot 3.1.6 which fixes CVE-2023-34055. (#3721) (#3732)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Fri, 1 Dec 2023 11:10:18 -0800
+    
+    
+    Signed-off-by: David Venable &lt;dlv@amazon.com&gt;
+    (cherry picked from commit 979a0045b4970c7d31909a722a753adc3d2666ca)
+     Co-authored-by: David Venable &lt;dlv@amazon.com&gt;
+
+* __Add aggregate metrics for ddb source export and stream (#3724) (#3728)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Fri, 1 Dec 2023 09:44:28 -0600
+    
+    
+    Signed-off-by: Taylor Gray &lt;tylgry@amazon.com&gt;
+    (cherry picked from commit 1af1ce9c6684994aaac059a4f79b8a780f8a09a8)
+     Co-authored-by: Taylor Gray &lt;tylgry@amazon.com&gt;
+
+* __Updates data-prepper-api fully to JUnit 5 and removes JUnit vintage from the Gradle project. (#3627) (#3723)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Wed, 29 Nov 2023 10:17:32 -0800
+    
+    
+    Signed-off-by: David Venable &lt;dlv@amazon.com&gt;
+    (cherry picked from commit 63b7fc6d450e4ca684d6793676d068ade4b20de6)
+     Co-authored-by: David Venable &lt;dlv@amazon.com&gt;
+
+* __Add 2.6.0 change log (#3714) (#3718)__
+
+    [opensearch-trigger-bot[bot]](mailto:98922864+opensearch-trigger-bot[bot]@users.noreply.github.com) - Wed, 29 Nov 2023 09:07:37 -0800
+    
+    
+    Signed-off-by: Asif Sohail Mohammed &lt;nsifmoh@amazon.com&gt;
+    (cherry picked from commit 684239e55477c71df077ac27e9c480b89faa3938)
+     Co-authored-by: Asif Sohail Mohammed &lt;nsifmoh@amazon.com&gt;
+
+