Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,363 Commits 69 Branches 462 Tags 369 MiB
Commit Graph

23363 Commits

Author SHA1 Message Date
dependabot[bot] 9bec329c3f
Bump google-cloud-datastore from 2.1.2 to 2.1.3 
Bumps [google-cloud-datastore](https://github.com/googleapis/java-datastore) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/googleapis/java-datastore/releases)
- [Changelog](https://github.com/googleapis/java-datastore/blob/main/CHANGELOG.md)
- [Commits](https://github.com/googleapis/java-datastore/compare/v2.1.2...v2.1.3)

---
updated-dependencies:
- dependency-name: com.google.cloud:google-cloud-datastore
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-10-21 09:18:22 +00:00
Lachlan ec221865b6
Merge pull request #6978 from eclipse/jetty-10.0.x-4275-ambiguousparam 
Improve #4275 ambiguous URIs (#6939)
 2021-10-21 17:48:33 +11:00
Lachlan 366cb7ffc0
Merge pull request #6968 from eclipse/jetty-10.0.x-6965-WebSocketProgrammaticUpgrade 
Issue #6965 - support programmatic upgrade for javax/jakarta websockets (10)
 2021-10-21 17:23:08 +11:00
Lachlan 06a899f298
Merge pull request #6976 from eclipse/jetty-10.0.x-4317-GzipHandler-SSE 
Issue #4317 - exclude text/event-stream MIME type from GzipHandler
 2021-10-20 19:32:47 +11:00
dependabot[bot] b5cd311dbe
Merge pull request #7014 from eclipse/dependabot/maven/jetty-10.0.x/ant.version-1.10.12 2021-10-19 11:26:09 +00:00
dependabot[bot] cb5c52d4a7
Bump ant.version from 1.10.11 to 1.10.12 
Bumps `ant.version` from 1.10.11 to 1.10.12.

Updates `ant` from 1.10.11 to 1.10.12

Updates `ant-launcher` from 1.10.11 to 1.10.12

---
updated-dependencies:
- dependency-name: org.apache.ant:ant
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.ant:ant-launcher
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-10-19 09:19:37 +00:00
dependabot[bot] e860f41f19
Merge pull request #7007 from eclipse/dependabot/maven/jetty-10.0.x/com.github.spotbugs-spotbugs-maven-plugin-4.4.2.1 2021-10-19 05:51:48 +00:00
dependabot[bot] 0c62a0531f
Merge pull request #7006 from eclipse/dependabot/maven/jetty-10.0.x/jakarta.inject-jakarta.inject-api-1.0.4 2021-10-19 04:24:07 +00:00
dependabot[bot] 1b32debc52
Bump spotbugs-maven-plugin from 4.4.2 to 4.4.2.1 
Bumps [spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.4.2 to 4.4.2.1.
- [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases)
- [Commits](https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.4.2...spotbugs-maven-plugin-4.4.2.1)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-10-18 09:24:07 +00:00
dependabot[bot] 9183efaed6
Bump jakarta.inject-api from 1.0.3 to 1.0.4 
Bumps [jakarta.inject-api](https://github.com/eclipse-ee4j/injection-api) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/eclipse-ee4j/injection-api/releases)
- [Commits](https://github.com/eclipse-ee4j/injection-api/compare/1.0.3...1.0.4)

---
updated-dependencies:
- dependency-name: jakarta.inject:jakarta.inject-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-10-18 09:21:28 +00:00
Lachlan 2095fb06d6
Merge pull request #6998 from eclipse/jetty-10.0.x-6497-AliasCheckWarnings 
Issue #6497 - add warnings for alias checker deprecations
 2021-10-18 09:54:34 +11:00
Greg Wilkins 80ddc3ba2d
Update CVE releated issues with CVE number (#6949) 
It can be hard to find issues associated with CVEs after the fact.  We should update the issue description to include the CVE number once published.
 2021-10-18 07:27:54 +11:00
Lachlan Roberts 4682e6381f Issue #6497 - add warnings for alias checker deprecations 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-10-15 12:01:35 +11:00
Olivier Lamy 2426b34a51
Issue #6980 mark the field as accessible (#6981) 
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
 2021-10-15 09:00:40 +10:00
dependabot[bot] d3a6d4bcce
Merge pull request #6995 from eclipse/dependabot/maven/jetty-10.0.x/org.osgi-osgi.annotation-8.0.1 2021-10-14 11:52:20 +00:00
dependabot[bot] 3089007810
Merge pull request #6996 from eclipse/dependabot/maven/jetty-10.0.x/com.github.spotbugs-spotbugs-maven-plugin-4.4.2 2021-10-14 10:45:35 +00:00
dependabot[bot] 431fd70334
Bump spotbugs-maven-plugin from 4.4.1 to 4.4.2 
Bumps [spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.4.1 to 4.4.2.
- [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases)
- [Commits](https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.4.1...spotbugs-maven-plugin-4.4.2)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-10-14 09:18:39 +00:00
dependabot[bot] 1bb99a0741
Bump osgi.annotation from 8.0.0 to 8.0.1 
Bumps [osgi.annotation](https://github.com/osgi/osgi) from 8.0.0 to 8.0.1.
- [Release notes](https://github.com/osgi/osgi/releases)
- [Commits](https://github.com/osgi/osgi/commits)

---
updated-dependencies:
- dependency-name: org.osgi:osgi.annotation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-10-14 09:17:27 +00:00
markslater 7c4b7f5446
Issue #6987 - Add jetty-unixdomain-server to jetty-bom (#6988) 
Signed-off-by: markslater <mark.slater@mail.com>
 2021-10-14 10:06:29 +10:00
Joakim Erdfelt 1369ef9124
Merge pull request #6983 from eclipse/release-10.0.7 
Release 10.0.7
 2021-10-13 06:30:48 -05:00
Lachlan Roberts 866f4517db Improve #4275 ambiguous URIs (#6939) 
* Improve #4275 ambiguous URIs

A URI like `/foo/%2e%2e;/bar` should be ambiguous both because of the encoded dots and because of the parameters.  This means that the default setting of jetty-9 is a bit more secure as this path is considered ambiguous if either Violation.SEGMENT or Violation.PARAM is set.

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-10-12 18:22:12 +11:00
Lachlan Roberts 32187fb458 Issue #4317 - exclude text/event-stream MIME type from GzipHandler 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-10-11 13:37:07 +11:00
Lachlan Roberts 5811b042b1 Issue #6965 - support programmatic upgrade for javax/jakarta websockets 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-10-07 14:22:36 +11:00
Joakim Erdfelt cfc67f86d2 Updating to version 10.0.8-SNAPSHOT 2021-10-06 14:51:32 -05:00
Joakim Erdfelt da8a4553af Updating to version 10.0.7 2021-10-06 14:32:37 -05:00
Joakim Erdfelt 74bd815cd4 Fixing release script 2021-10-06 14:23:15 -05:00
Olivier Lamy ca8d147ec4
remove not anymore needed plugin execution as it is now in parent pom (#6964) 
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
 2021-10-06 16:04:06 +10:00
Greg Wilkins 8186a3ebed
Issue template to discourage security issues (#6960) 
Update the issue template to discourage security issues
 2021-10-06 14:31:45 +11:00
dependabot[bot] cd16deae32
Merge pull request #6955 from eclipse/dependabot/maven/jetty-10.0.x/com.puppycrawl.tools-checkstyle-9.0.1 2021-10-04 16:09:50 +00:00
dependabot[bot] 658867fcc9
Bump checkstyle from 9.0 to 9.0.1 
Bumps [checkstyle](https://github.com/checkstyle/checkstyle) from 9.0 to 9.0.1.
- [Release notes](https://github.com/checkstyle/checkstyle/releases)
- [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-9.0...checkstyle-9.0.1)

---
updated-dependencies:
- dependency-name: com.puppycrawl.tools:checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-10-04 09:21:04 +00:00
Christoph Läubrich aaaa48c5cc
Issue #6403 - add an automatic generated maven deployable p2 site (#6404) 
* Fix 6403 - add an automatic generated maven deployable p2 site

Co-authored-by: Olivier Lamy <olamy@apache.org>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-10-01 18:03:55 +10:00
Simone Bordet 0412bdc3d9 Fixes #6938 - module-info.java file do not use the canonical order for the elements 
Changed order of entries in module-info.java to be canonical

(cherry picked from commit 02691171d5)
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2021-10-01 09:25:55 +02:00
Olivier Lamy 51d44a3401
use dependencyManagement for internal dependencies (#6940) 
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
 2021-09-30 16:57:19 +10:00
dependabot[bot] 8dd683c4be
Merge pull request #6935 from eclipse/dependabot/maven/jetty-10.0.x/com.google.guava-guava-31.0.1-jre 2021-09-28 11:20:05 +00:00
dependabot[bot] 7ad12db3e4
Bump guava from 30.1.1-jre to 31.0.1-jre 
Bumps [guava](https://github.com/google/guava) from 30.1.1-jre to 31.0.1-jre.
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

---
updated-dependencies:
- dependency-name: com.google.guava:guava
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-28 09:20:48 +00:00
Simone Bordet e9a47faeb3 Issue #6558 - Allow configuring return type in JSON array parsing. 
Updated JSON implementation to keep backward compatibility
by calling newArray(), now deprecated.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 1d542be610)
 2021-09-27 23:32:09 +02:00
dependabot[bot] 52f125f6d2
Merge pull request #6921 from eclipse/dependabot/maven/jetty-10.0.x/io.hawt-hawtio-default-2.14.0 2021-09-24 11:12:30 +00:00
dependabot[bot] a7a4b30f1f
Bump hawtio-default from 2.13.6 to 2.14.0 
Bumps [hawtio-default](https://github.com/hawtio/hawtio) from 2.13.6 to 2.14.0.
- [Release notes](https://github.com/hawtio/hawtio/releases)
- [Changelog](https://github.com/hawtio/hawtio/blob/master/CHANGES.md)
- [Commits](https://github.com/hawtio/hawtio/compare/hawtio-2.13.6...hawtio-2.14.0)

---
updated-dependencies:
- dependency-name: io.hawt:hawtio-default
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-24 09:22:06 +00:00
Olivier Lamy 99528fd17d
fix directory name interpolation of mod file was not working (#6918) 
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
 2021-09-24 11:58:57 +10:00
Joakim Erdfelt 53c5e6bf60
Merge pull request #6916 from eclipse/jetty-10.0.x-restore-enforcer-requireUpperBoundDeps 
Restore accidentally removed `<requireUpperBoundDeps/>`
 2021-09-23 16:48:16 -05:00
Joakim Erdfelt 9459875851
Merge pull request #6913 from eclipse/dependabot/maven/jetty-10.0.x/ch.qos.logback-logback-core-1.3.0-alpha10 
Bump logback-core from 1.3.0-alpha9 to 1.3.0-alpha10
 2021-09-23 12:11:11 -05:00
dependabot[bot] 813655d432
Merge pull request #6914 from eclipse/dependabot/maven/jetty-10.0.x/io.grpc-grpc-core-1.41.0 2021-09-23 15:40:18 +00:00
Joakim Erdfelt 52fc22fd89
Restore accidentally removed `<requireUpperBoundDeps/>` 
+ Fix upper bound deps that were missed without it

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-09-23 10:29:23 -05:00
dependabot[bot] 46af92099e
Bump logback-core from 1.3.0-alpha9 to 1.3.0-alpha10 
Bumps [logback-core](https://github.com/qos-ch/logback) from 1.3.0-alpha9 to 1.3.0-alpha10.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.3.0-alpha9...v_1.3.0-alpha10)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-23 13:42:46 +00:00
dependabot[bot] 72a5a27686
Merge pull request #6912 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.logging.log4j-log4j-api-2.14.1 2021-09-23 13:41:42 +00:00
dependabot[bot] ede38b9bf9
Merge pull request #6911 from eclipse/dependabot/maven/jetty-10.0.x/io.hawt-hawtio-default-2.13.6 2021-09-23 12:43:00 +00:00
dependabot[bot] 1310bb710a
Bump grpc-core from 1.40.1 to 1.41.0 
Bumps [grpc-core](https://github.com/grpc/grpc-java) from 1.40.1 to 1.41.0.
- [Release notes](https://github.com/grpc/grpc-java/releases)
- [Commits](https://github.com/grpc/grpc-java/compare/v1.40.1...v1.41.0)

---
updated-dependencies:
- dependency-name: io.grpc:grpc-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-23 12:38:32 +00:00
dependabot[bot] c0e9f0ffc8
Merge pull request #6910 from eclipse/dependabot/maven/jetty-10.0.x/jakarta.inject-jakarta.inject-api-1.0.3 2021-09-23 12:35:20 +00:00
dependabot[bot] f8ac8d7339
Merge pull request #6908 from eclipse/dependabot/maven/jetty-10.0.x/junit.version-5.8.1 2021-09-23 12:11:03 +00:00
dependabot[bot] b075228248
Bump log4j-api from 2.14.0 to 2.14.1 
Bumps log4j-api from 2.14.0 to 2.14.1.

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-23 11:11:32 +00:00