699400d1da
Bump kerb-simplekdc from 2.0.2 to 2.0.3
...
Bumps kerb-simplekdc from 2.0.2 to 2.0.3.
---
updated-dependencies:
- dependency-name: org.apache.kerby:kerb-simplekdc
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-24 00:51:12 +00:00
de3adc861d
Update version limits for dependencies ( #9406 )
2023-02-24 11:14:12 +11:00
b7075161d0
Fix osgi dependencies for update to org.eclipse.osgi.services.
2023-02-22 15:21:22 +11:00
4d146412c8
Fix #9334 Cookie Compliance ( #9402 )
...
Fix incorrect change to RFC6265 to not support dollars in cookie names.
Signed-off-by: gregw <gregw@webtide.com>
2023-02-21 21:31:43 +11:00
f01d53895f
Merge pull request #9380 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-deploy-plugin-3.1.0
2023-02-16 02:39:51 +00:00
8b4f5eab41
Merge pull request #9378 from eclipse/dependabot/maven/jetty-10.0.x/org.asciidoctor-asciidoctorj-diagram-2.2.4
2023-02-16 01:01:12 +00:00
840ef48922
Merge pull request #9372 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-invoker-plugin-3.5.0
2023-02-16 00:50:20 +00:00
cfb8d70625
Merge pull request #9371 from eclipse/dependabot/maven/jetty-10.0.x/maven.surefire.plugin.version-3.0.0-M9
2023-02-16 00:49:57 +00:00
cfe6e91338
Merge pull request #9369 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-javadoc-plugin-3.5.0
2023-02-16 00:49:34 +00:00
bce4fc2941
Merge pull request #9367 from eclipse/dependabot/maven/jetty-10.0.x/org.eclipse.tycho-tycho-p2-repository-plugin-3.0.2
2023-02-16 00:49:18 +00:00
610cee13c2
Merge pull request #9359 from eclipse/dependabot/maven/jetty-10.0.x/maven.version-3.9.0
2023-02-16 00:48:39 +00:00
e98d0bdb46
Bump maven-deploy-plugin from 3.0.0 to 3.1.0
...
Bumps [maven-deploy-plugin](https://github.com/apache/maven-deploy-plugin ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/apache/maven-deploy-plugin/releases )
- [Commits](https://github.com/apache/maven-deploy-plugin/compare/maven-deploy-plugin-3.0.0...maven-deploy-plugin-3.1.0 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-deploy-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 21:31:41 +00:00
5e00105d47
Bump asciidoctorj-diagram from 2.2.3 to 2.2.4
...
Bumps [asciidoctorj-diagram](https://github.com/asciidoctor/asciidoctorj-diagram ) from 2.2.3 to 2.2.4.
- [Release notes](https://github.com/asciidoctor/asciidoctorj-diagram/releases )
- [Commits](https://github.com/asciidoctor/asciidoctorj-diagram/compare/v2.2.3...v2.2.4 )
---
updated-dependencies:
- dependency-name: org.asciidoctor:asciidoctorj-diagram
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 21:31:23 +00:00
897442a14c
Bump maven-invoker-plugin from 3.4.0 to 3.5.0
...
Bumps [maven-invoker-plugin](https://github.com/apache/maven-invoker-plugin ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/apache/maven-invoker-plugin/releases )
- [Commits](https://github.com/apache/maven-invoker-plugin/compare/maven-invoker-plugin-3.4.0...maven-invoker-plugin-3.5.0 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-invoker-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 21:28:49 +00:00
b4f2f6e5e8
Bump maven.surefire.plugin.version from 3.0.0-M8 to 3.0.0-M9
...
Bumps `maven.surefire.plugin.version` from 3.0.0-M8 to 3.0.0-M9.
Updates `maven-failsafe-plugin` from 3.0.0-M8 to 3.0.0-M9
- [Release notes](https://github.com/apache/maven-surefire/releases )
- [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.0.0-M8...surefire-3.0.0-M9 )
Updates `maven-surefire-plugin` from 3.0.0-M8 to 3.0.0-M9
- [Release notes](https://github.com/apache/maven-surefire/releases )
- [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.0.0-M8...surefire-3.0.0-M9 )
Updates `surefire-junit47` from 3.0.0-M8 to 3.0.0-M9
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-failsafe-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.maven.surefire:surefire-junit47
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 21:28:26 +00:00
edaf695e4f
Bump maven-javadoc-plugin from 3.4.1 to 3.5.0
...
Bumps [maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin ) from 3.4.1 to 3.5.0.
- [Release notes](https://github.com/apache/maven-javadoc-plugin/releases )
- [Commits](https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.4.1...maven-javadoc-plugin-3.5.0 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-javadoc-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 21:27:38 +00:00
0ec8457cdf
Bump tycho-p2-repository-plugin from 3.0.1 to 3.0.2
...
Bumps tycho-p2-repository-plugin from 3.0.1 to 3.0.2.
---
updated-dependencies:
- dependency-name: org.eclipse.tycho:tycho-p2-repository-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 21:26:46 +00:00
5f7e4b6d11
Bump maven.version from 3.8.7 to 3.9.0
...
Bumps `maven.version` from 3.8.7 to 3.9.0.
Updates `maven-artifact` from 3.8.7 to 3.9.0
- [Release notes](https://github.com/apache/maven/releases )
- [Commits](https://github.com/apache/maven/compare/maven-3.8.7...maven-3.9.0 )
Updates `maven-core` from 3.8.7 to 3.9.0
- [Release notes](https://github.com/apache/maven/releases )
- [Commits](https://github.com/apache/maven/compare/maven-3.8.7...maven-3.9.0 )
Updates `maven-model` from 3.8.7 to 3.9.0
- [Release notes](https://github.com/apache/maven/releases )
- [Commits](https://github.com/apache/maven/compare/maven-3.8.7...maven-3.9.0 )
Updates `maven-plugin-api` from 3.8.7 to 3.9.0
- [Release notes](https://github.com/apache/maven/releases )
- [Commits](https://github.com/apache/maven/compare/maven-3.8.7...maven-3.9.0 )
Updates `maven-resolver-provider` from 3.8.7 to 3.9.0
- [Release notes](https://github.com/apache/maven/releases )
- [Commits](https://github.com/apache/maven/compare/maven-3.8.7...maven-3.9.0 )
Updates `maven-settings` from 3.8.7 to 3.9.0
- [Release notes](https://github.com/apache/maven/releases )
- [Commits](https://github.com/apache/maven/compare/maven-3.8.7...maven-3.9.0 )
---
updated-dependencies:
- dependency-name: org.apache.maven:maven-artifact
dependency-type: direct:production
update-type: version-update:semver-minor
- dependency-name: org.apache.maven:maven-core
dependency-type: direct:production
update-type: version-update:semver-minor
- dependency-name: org.apache.maven:maven-model
dependency-type: direct:production
update-type: version-update:semver-minor
- dependency-name: org.apache.maven:maven-plugin-api
dependency-type: direct:production
update-type: version-update:semver-minor
- dependency-name: org.apache.maven:maven-resolver-provider
dependency-type: direct:production
update-type: version-update:semver-minor
- dependency-name: org.apache.maven:maven-settings
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 21:23:41 +00:00
7a7d69a69f
Happy no year
...
Remove modification date from copyright notice and instead just have the
project inception year.
Signed-off-by: gregw <gregw@webtide.com>
2023-02-15 15:22:32 +11:00
53fa2489b2
fixed commented out test in CookieCutterTest
...
Signed-off-by: gregw <gregw@webtide.com>
2023-02-15 08:55:23 +11:00
7b8c2c1bf0
Fix/jetty 10 9334 review cookie cutter ( #9339 )
...
Cookie cleanup
+ New Cookie parser with clearer focus on RFC6265.
+ Better compliance modes for RFC2965
+ Introduced CookieParser interface so that old and new parsers can coexist and be selected by compliance mode.
---------
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2023-02-15 08:38:24 +11:00
c2a9768d25
Update SECURITY.md ( #9333 )
...
remove security@eclipse.org , if something goes there that is fine, and we will get it corrected, but our place of authority for security issues should be security@webtide.com
2023-02-14 08:30:51 -06:00
3a7865546c
Updated javascript mimetypes ( #9347 )
...
+ Updated js to text/javascript
+ added mjs extension
Signed-off-by: gregw <gregw@webtide.com>
2023-02-14 18:07:48 +11:00
e75ec5e37a
Issue #9181 NPE in SessionHandler ( #9346 )
2023-02-14 13:22:59 +11:00
622befbd0d
Merge pull request #9344 from eclipse/jetty-10.0.x-multipartCleanups
...
multipart cleanups jetty-10
2023-02-14 12:15:21 +11:00
f43ca5d554
LowResourceMonitor.getReasons should include detailed reason instead of hard-coded message ( #9337 ) ( #9338 )
2023-02-14 09:36:33 +10:00
f5a51548c9
fix test expectation
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-02-14 10:26:23 +11:00
1bb928bbf0
#9344 changes from review
...
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2023-02-14 09:35:18 +11:00
e623511de2
#9344 changes from review
...
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2023-02-14 09:35:09 +11:00
5f25f5b389
Fix/jetty 10.0.x/uri host mismatch alt ( #9343 )
...
* Introduce HttpCompliance.MISMATCHED_AUTHORITY
* Update HttpCompliance.RFC2616
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Update NcsaRequestLogTest.testAbsolute
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Use RFC2616 mode in RFC2616 tests
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Alternative fix for mismatched host headers
This PR fixes the miss-matched host header issue in the Request.setMetaData method. This requires no change to the HttpParser.
A more comprehensive fix can be considered for jetty-12.
Signed-off-by: gregw <gregw@webtide.com>
* Alternative fix for mismatched host headers
Updates from review
Signed-off-by: gregw <gregw@webtide.com>
---------
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: gregw <gregw@webtide.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-02-14 07:43:19 +11:00
a5344d7a26
bring back some multipart improvements from #9287
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-02-09 21:25:39 +11:00
bd4cf3c835
Jetty 10 Upgrade to Hazelcast 5 and totally disable auto join multicast etc.. (fix build on CI) ( #9331 )
...
* upgrade to hazelcast 5.2.1
Signed-off-by: Olivier Lamy <olamy@apache.org
2023-02-09 18:10:22 +10:00
40f7fc8510
Issue #7650 - Fix race condition when stopping QueuedThreadPool ( #9325 )
...
* Issue #7650 - Fix race condition when stopping QueuedThreadPool
Signed-off-by: Dominik Zöchbauer <dominik@zoechbauer.info>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2023-02-08 10:27:14 +01:00
0a4a077819
Merge pull request #9310 from eclipse/fix/jetty-10.0.x/requestlog-format-with-spaces
...
Issue #9309 - Introducing test for requestlog format with spaces
2023-02-05 20:27:12 -06:00
8bf7c9cef8
Fix #9285 use possibly wrapper response for redirection ( #9286 )
...
Use the servlet response sendRedirect method.
Always close the connection if there is content.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2023-02-05 09:18:24 +11:00
46a316d4df
Issue #9309 - Introducing test for requestlog format with spaces
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-02-03 08:45:35 -06:00
016de2faeb
Jetty 10 - Configurable Unsafe Host Header ( #9283 )
...
* Adding HttpCompliance.DUPLICATE_HOST_HEADERS
+ Optional compliance that allowance duplicate host headers.
* Adding HttpCompliance.UNSAFE_HOST_HEADER
+ Optional compliance that allows unsafe host headers.
* Adding warning logging for bad Host / authority situations
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-02-03 08:30:07 -06:00
f0cba0807a
Merge pull request #9242 from eclipse/dependabot/maven/jetty-10.0.x/org.infinispan-infinispan-bom-11.0.17.Final
...
Bump infinispan-bom from 11.0.16.Final to 11.0.17.Final
2023-02-02 20:07:20 -06:00
ca19b143a9
Bump maven.surefire.plugin.version from 3.0.0-M5 to 3.0.0-M8 ( #9255 )
2023-02-02 04:15:39 +00:00
1283b85b60
More JPMS tests for JSTL.
...
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2023-02-01 22:48:48 +01:00
84dba1d885
Bump infinispan-bom from 11.0.16.Final to 11.0.17.Final
...
Bumps [infinispan-bom](https://github.com/infinispan/infinispan ) from 11.0.16.Final to 11.0.17.Final.
- [Release notes](https://github.com/infinispan/infinispan/releases )
- [Changelog](https://github.com/infinispan/infinispan/blob/main/Jenkinsfile-release )
- [Commits](https://github.com/infinispan/infinispan/compare/11.0.16.Final...11.0.17.Final )
---
updated-dependencies:
- dependency-name: org.infinispan:infinispan-bom
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-01 20:15:25 +00:00
c310f8a9e5
Merge pull request #9273 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-enforcer-plugin-3.2.1
...
Bump maven-enforcer-plugin from 3.1.0 to 3.2.1
2023-02-01 14:13:19 -06:00
f47c146f4a
Bump apache-mina to 2.2.1
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-02-01 11:54:32 -06:00
de454bd3f7
Bump maven-enforcer-plugin from 3.1.0 to 3.2.1
...
Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer ) from 3.1.0 to 3.2.1.
- [Release notes](https://github.com/apache/maven-enforcer/releases )
- [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.1.0...enforcer-3.2.1 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-01 17:51:36 +00:00
c59623b6ad
Merge pull request #9282 from eclipse/fix/jetty-10.0.x/dependency-rollup-feb-1
...
Jetty 10 - Dependency Roll-up February 2023
2023-02-01 18:43:27 +01:00
b9332c6a55
Merge remote-tracking branch 'origin/dependabot/maven/jetty-10.0.x/ant.version-1.10.13' into fix/jetty-10.0.x/dependency-rollup-feb-1
2023-02-01 09:07:16 -06:00
b892769a02
Merge remote-tracking branch 'origin/dependabot/maven/jetty-10.0.x/maven.plugin-tools.version-3.7.1' into fix/jetty-10.0.x/dependency-rollup-feb-1
...
# Conflicts:
# pom.xml
2023-02-01 09:06:48 -06:00
7c50092ef8
Merge remote-tracking branch 'origin/dependabot/maven/jetty-10.0.x/maven.resolver.version-1.9.4' into fix/jetty-10.0.x/dependency-rollup-feb-1
2023-02-01 09:06:13 -06:00
5bb021098a
Merge remote-tracking branch 'origin/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-plugin-plugin-3.7.1' into fix/jetty-10.0.x/dependency-rollup-feb-1
2023-02-01 09:06:07 -06:00
98ae8751ae
Merge remote-tracking branch 'origin/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-checkstyle-plugin-3.2.1' into fix/jetty-10.0.x/dependency-rollup-feb-1
2023-02-01 09:06:04 -06:00
dependabot[bot]
Jan Bartel
Greg Wilkins
Simone Bordet
Jesse McConnell
Lachlan
jluehe
Olivier Lamy
Dominik Zöchbauer
Joakim Erdfelt