Apache/jclouds
1
0
Fork 0
mirror of https://github.com/apache/jclouds.git synced 2025-02-07 02:29:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,810 Commits 23 Branches 132 Tags
Commit Graph

10810 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
b754e177fe Bump snakeyaml from 1.31 to 1.32 in /apis/byon 
---
updated-dependencies:
- dependency-name: org.yaml:snakeyaml
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-15 12:40:10 +09:00
Andrew Gaul
552eb95c44 Fix Files name collision 
Regression from b282b5cbfef760be026660522e78d1bba81988ac.
 2022-11-21 07:49:18 +09:00
Jonathan Leitschuh
b282b5cbfe vuln-fix: Temporary File Information Disclosure 
This fixes temporary file information disclosure vulnerability due to the use
of the vulnerable `File.createTempFile()` method. The vulnerability is fixed by
using the `Files.createTempFile()` method which sets the correct posix permissions.

Weakness: CWE-377: Insecure Temporary File
Severity: Medium
CVSSS: 5.5
Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.SecureTempFileCreation)

Reported-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>

Bug-tracker: https://github.com/JLLeitschuh/security-research/issues/18


Co-authored-by: Moderne <team@moderne.io>
 2022-11-20 21:31:45 +09:00
Hervé Boutemy
25bcb7961e activate Reproducible Builds 2022-11-14 07:54:03 +09:00
Christian.Jung
b2a2025b32 This fixes problem JCLOUDS 1615. 2022-10-14 22:11:19 +09:00
SATYANAN-ANAND
d913a56037
JCLOUDS-1617: Fix HTTPS support in OkHttpCommandExecutorService (#153) 
* JCLOUDS-1617: Fix HTTPS support in OkHttpCommandExecutorService

Added support for  proxy server type = HTTPS

* Update DelegatingSocketFactory.java

Added java doc
 2022-09-15 17:50:36 +02:00
dependabot[bot]
b098cceaf9
Bump snakeyaml from 1.26 to 1.31 in /apis/byon (#154) 
Bumps [snakeyaml](https://bitbucket.org/snakeyaml/snakeyaml) from 1.26 to 1.31.
- [Commits](https://bitbucket.org/snakeyaml/snakeyaml/branches/compare/snakeyaml-1.31..snakeyaml-1.26)

---
updated-dependencies:
- dependency-name: org.yaml:snakeyaml
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-09-15 13:16:09 +02:00
Andrew Gaul
57a9e7b7cc Deep copy Blob in LocalBlobStore.getBlob 
ByteSourcePayload.openStream is not thread safe and lack of
synchronization can throw ArrayIndexOutOfBoundsExceptions.  Instead
deep copy the underlying Payload.  Fixes gaul/s3proxy#303.
 2022-08-04 21:17:44 +09:00
Andrew Gaul
5067897ff5 Upgrade to jax-rs 2.1.1 
Also address constant TODO.
 2022-08-04 07:38:54 +09:00
SATYANAN-ANAND
88f0c341cf JCLOUDS-1616: Proxy credentials validation is missing in OkHttpCommandExecutorService API request 
Added support for credentials validation
 2022-08-03 21:26:49 +09:00
Andrew Gaul
7fecb72e0d Upgrade to testng 7.5 
Requires upgrading surefire as well.
 2022-08-03 21:24:12 +09:00
Andrew Gaul
f4ec2bb63c Address testng cyclic dependency 
Uncovered by newer versions of testng.
 2022-08-03 21:24:12 +09:00
Andrew Gaul
5111923566 Specify missing DataProviders 
Uncovered by newer versions of testng.
 2022-08-03 21:24:12 +09:00
Andrew Gaul
2b217fb2bb Annotate public non-test methods 
Newer versions of TestNG try to run these.
 2022-08-03 21:24:12 +09:00
Andrew Gaul
65e16c97f5 Annotate test methods as singleThreaded 
Newer versions of testng deprecate sequential.
 2022-08-03 21:24:12 +09:00
Andrew Gaul
16926b0bb7 Upgrade to assertj 3.23.1 
Enabled by requiring Java 8.  Also fix some minor API breakage.
 2022-07-31 17:19:05 +09:00
Andrew Gaul
aea2603733 JCLOUDS-1609: Upgrade to BouncyCastle 1.71 
Release notes:

https://www.bouncycastle.org/releasenotes.html#r1rv71
 2022-06-18 18:25:32 +09:00
Andrew Gaul
d404391651 JCLOUDS-1602: Upgrade to Jetty 9.4.46 
Remove BaseJettyTest which BaseMockWebServerTest superseded.
 2022-06-12 18:32:43 +09:00
Andrew Gaul
7eb64f4850 JCLOUDS-1603: Upgrade to Guava 31.1 2022-06-12 18:30:56 +09:00
dependabot[bot]
3538aba871 Bump logback-core from 1.1.2 to 1.2.9 in /project 
Bumps logback-core from 1.1.2 to 1.2.9.

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-12 13:01:13 +09:00
dependabot[bot]
a9c76e7d8a Bump httpclient from 4.3.6 to 4.5.13 in /drivers/apachehc 
Bumps httpclient from 4.3.6 to 4.5.13.

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents:httpclient
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-12 12:43:10 +09:00
dependabot[bot]
2d893aec33 Bump logback-classic from 1.1.2 to 1.2.0 in /project 
Bumps logback-classic from 1.1.2 to 1.2.0.

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-12 12:40:38 +09:00
Ikky
bcf3b64a2c
Update README copyright dates and AzureBlob README 2022-05-04 10:23:05 +09:00
Andrew Gaul
659951bc63 JCLOUDS-1601: Upgrade to log4j 2.17.2 
Release notes:

https://logging.apache.org/log4j/2.x/changes-report.html#a2.17.2
 2022-04-17 23:01:44 +09:00
Andrew Gaul
27274d40a9 JCLOUDS-1604: Upgrade to AutoFactory 1.0.1 2022-04-17 22:59:01 +09:00
Andrew Gaul
36f351cd18 Next development version 2.6.0-SNAPSHOT 2022-03-26 18:30:06 +09:00
ramahin
5fad7fa895 JCLOUDS-1599 - Add support for GLACIER_IR storage class 2022-03-09 09:06:13 +09:00
SATYANAN-ANAND
83deb0efef
JCLOUDS-1598: Support Metric Alert Operation (#134) 2022-02-25 10:12:43 -08:00
SATYANAN-ANAND
99f2ff86da
JCLOUDS-1597: Support for Alerts (#133) 2022-02-21 19:37:50 +09:00
SATYANAN-ANAND
738a01dda6 Update AzureComputeApi.java 2022-02-05 00:02:24 -08:00
SATYANAN-ANAND
2b16b55e33 JCLOUDS-1596: Support Activity Log Alert Operations 2022-02-05 00:02:24 -08:00
Andrew Gaul
468b126dd8 JCLOUDS-1594: Allow overriding S3 signer 
Previously s3 always used v2 and aws-s3 always used v4.  Now s3
defaults to v2 and can override to v4.  Note that this does not change
BlobRequestSigner.
 2022-01-12 22:24:45 +09:00
SATYANAN-ANAND
c95ddff020
JCLOUDS-1591: Fix NPE in ClientCredentialsClaims 2021-12-27 16:26:28 +09:00
Andrew Gaul
1a4bcd5547 JCLOUDS-1589: Upgrade to log4j 2.17.0 
This addresses a high severity CVE:

https://logging.apache.org/log4j/2.x/security.html
 2021-12-19 09:30:03 +09:00
Andrew Gaul
3bbb0b446a JCLOUDS-1590: Promote glacier to core 2021-12-18 00:11:40 +09:00
Andrew Gaul
afa92c7478 Merge remote-tracking branch 'jclouds-labs-aws-local/promote-glacier-moved' into promoted-glacier 2021-12-17 13:55:10 +09:00
Andrew Gaul
66ef18c6ae JCLOUDS-1589: Upgrade to log4j 2.16.0 
This addresses a critical CVE:

https://logging.apache.org/log4j/2.x/security.html
 2021-12-17 13:33:38 +09:00
Andrew Gaul
dbd8eb1dab JCLOUDS-1589: Upgrade to log4j 2.16.0 
This addresses a critical CVE:

https://logging.apache.org/log4j/2.x/security.html
 2021-12-16 23:56:09 +09:00
Juan Cabrerizo
14e92fc8c8
JCLOUDS-1588: Bump google gson to 2.8.9 due to detected vulnerability (#124) 2021-11-10 19:51:52 +09:00
Andrew Gaul
7fffa59158 JCLOUDS-1586: Upgrade to Guice 5.0.1 
Guice 4.2.3 makes illegal reflective accesses that Java 17 does not
allow.  References google/guice#1133.  Release notes:

https://github.com/google/guice/wiki/Guice501
 2021-11-10 09:08:48 +09:00
Andrew Gaul
6db1ee9d6a Removed unused jetty-server dependency 2021-10-31 18:57:22 +09:00
Andrew Gaul
b0592c5afa Next development version 2.5.0-SNAPSHOT 2021-09-19 08:59:59 +09:00
Andrew Gaul
e8e78689e6 Next development version 2.4.0-SNAPSHOT 2021-09-19 08:58:25 +09:00
Rajani-cloud
8167513c35 JCLOUDS-1584 : Deployment API fails when ARM Template deploys for creating Azure VM 2021-09-04 16:30:18 +09:00
Timur Alperovich
0b68e8adee JCLOUDS-1558: Implement Azure Blob Azure AD auth 
Implements the Azure AD authentication for Azure Blob, using the OAuth
module. Added more parameters to the AzureBlob provider:
- azureblob.auth
- azureblob.account
- azureblob.tenantId

The "auth" parameter is used to specify whether Key/SAS auth or Active
Directory is used. When using Active Directory auth, the identity no
longer maps to the storage account, which has to be specified
explicitly. The tenant ID also needs to be supplied to construct the
auth URL to obtain the token correctly.
 2021-08-22 15:52:48 +09:00
Timur Alperovich
519bee9f60 AzureBlob: Update API to 2017-11-09 2021-08-16 00:03:07 -07:00
Timur Alperovich
a1df0bb1f5 Store the MPU ETag for the transient blobstore 
JCLOUDS-1582: fixes a bug in the transient blobstore where after
uploading a multipart upload, GET/HEAD returns the hash of the content,
rather than the MPU ETag.
 2021-08-05 18:46:35 +09:00
Andrew Gaul
720e92c54a Prefer case-insenstive header comparisons 
Follows up to #116.
 2021-07-29 20:01:27 +09:00
Simone Locci
0787bb891b Fix location header case sensitive 2021-07-28 08:44:36 +09:00
Andrew Gaul
d861768d49 Add missing javax dependencies for modern Java 
Java 9 modularization removed these.
 2021-07-20 23:04:53 +09:00