Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
25,219 Commits 65 Branches 460 Tags 355 MiB
Commit Graph

25219 Commits

Author SHA1 Message Date
Joakim Erdfelt af15f12297
Updating to version 10.0.17 2023-10-09 13:21:53 -05:00
Joakim Erdfelt f8b7f48d56
Merge remote-tracking branch 'origin/fix/10.0.x/rollback-jdk21-requirement' into release/10.0.17 2023-10-09 13:13:32 -05:00
Simone Bordet 67b077847a
Issue #9777 - CrossOriginFilter does not return Vary header on no-cors mode. 
Modified the fix introduced by #9779 to avoid usage of Jetty server classes, so that the CrossOriginFilter can be deployed in any web application.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-10-09 20:00:16 +02:00
Simone Bordet dbb94514dc
Fixes #10679 - Review HTTP/2 rate control. (#10681) 
* Bumped the rate control rate from 50 events/s to 128.
* Added rate control for all CONTINUATION frames.
* Added rate control for invalid PUSH_PROMISE frames.
* Added rate control for RST_STREAM frames.
* Added rate control for all SETTINGS frames.
* Fixed growth of header block accumulation buffer.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-10-09 15:07:52 +02:00
OlexYarm c338c1a153 Fixed issue 10305 Embedded Jetty server fails to start when requests log path in RequestLogWriter contains not existed directory 
Changed error message when requests log path in RequestLogWriter contains not existed directory.
 2023-10-06 12:07:44 -04:00
Joakim Erdfelt 4670d3e35b
Rollback JDK21 requirements during Compile + Jar creation. 
Only have JDK21 requirement for jetty-documentation in release script.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2023-10-06 07:09:35 -05:00
Olivier Lamy 90fdd4236d
Update details on how to include dependabot PRs in a release (#10659) 
Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-10-05 02:12:23 +02:00
dependabot[bot] a22174cb76
Merge pull request #10632 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-enforcer-plugin-3.4.1 2023-10-01 11:00:22 +00:00
dependabot[bot] 9c012d1666
Merge pull request #10631 from eclipse/dependabot/maven/jetty-10.0.x/maven.resolver.version-1.9.16 2023-10-01 11:00:09 +00:00
dependabot[bot] 0d730aaeab
Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.0 to 3.4.1 
Bumps [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.4.0...enforcer-3.4.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-01 08:27:40 +00:00
dependabot[bot] b5ecca2a5f
Bump maven.resolver.version from 1.9.15 to 1.9.16 
Bumps `maven.resolver.version` from 1.9.15 to 1.9.16.

Updates `org.apache.maven.resolver:maven-resolver-api` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16)

Updates `org.apache.maven.resolver:maven-resolver-util` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16)

Updates `org.apache.maven.resolver:maven-resolver-spi` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16)

Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16)

Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16)

Updates `org.apache.maven.resolver:maven-resolver-transport-file` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16)

Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16)

---
updated-dependencies:
- dependency-name: org.apache.maven.resolver:maven-resolver-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-util
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-spi
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-impl
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-file
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-01 08:27:20 +00:00
dependabot[bot] d81386c1ae
Merge pull request #10634 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.avro-avro-1.11.3 2023-10-01 08:22:47 +00:00
dependabot[bot] 7c55a1c6af
Merge pull request #10633 from eclipse/dependabot/maven/jetty-10.0.x/asm.version-9.6 2023-10-01 08:22:29 +00:00
dependabot[bot] 3671da4b56
Bump org.apache.avro:avro from 1.11.2 to 1.11.3 
Bumps org.apache.avro:avro from 1.11.2 to 1.11.3.

---
updated-dependencies:
- dependency-name: org.apache.avro:avro
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-01 05:57:59 +00:00
dependabot[bot] 000d8eeeaa
Bump asm.version from 9.5 to 9.6 
Bumps `asm.version` from 9.5 to 9.6.

Updates `org.ow2.asm:asm-commons` from 9.5 to 9.6

Updates `org.ow2.asm:asm-bom` from 9.5 to 9.6

Updates `org.ow2.asm:asm` from 9.5 to 9.6

Updates `org.ow2.asm:asm-tree` from 9.5 to 9.6

Updates `org.ow2.asm:asm-analysis` from 9.5 to 9.6

Updates `org.ow2.asm:asm-util` from 9.5 to 9.6

---
updated-dependencies:
- dependency-name: org.ow2.asm:asm-commons
  dependency-type: direct:development
  update-type: version-update:semver-minor
- dependency-name: org.ow2.asm:asm-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.ow2.asm:asm
  dependency-type: direct:development
  update-type: version-update:semver-minor
- dependency-name: org.ow2.asm:asm-tree
  dependency-type: direct:development
  update-type: version-update:semver-minor
- dependency-name: org.ow2.asm:asm-analysis
  dependency-type: direct:development
  update-type: version-update:semver-minor
- dependency-name: org.ow2.asm:asm-util
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-01 05:57:20 +00:00
dependabot[bot] 633c70a782
Merge pull request #10642 from eclipse/dependabot/maven/jetty-10.0.x/org.eclipse.tycho-tycho-p2-repository-plugin-4.0.3 2023-10-01 05:56:57 +00:00
dependabot[bot] 4c462408c9
Merge pull request #10641 from eclipse/dependabot/maven/jetty-10.0.x/org.jboss.threads-jboss-threads-3.5.1.Final 2023-10-01 05:56:41 +00:00
dependabot[bot] f2025fe725
Merge pull request #10640 from eclipse/dependabot/maven/jetty-10.0.x/org.eclipse.platform-org.eclipse.osgi-3.18.500 2023-10-01 05:56:25 +00:00
dependabot[bot] b990fa7991
Merge pull request #10636 from eclipse/dependabot/maven/jetty-10.0.x/org.asciidoctor-asciidoctorj-diagram-2.2.13 2023-10-01 05:56:09 +00:00
dependabot[bot] 5ef68b21ab
Merge pull request #10639 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-shade-plugin-3.5.1 2023-10-01 05:55:53 +00:00
dependabot[bot] 835c8bd92b
Merge pull request #10637 from eclipse/dependabot/maven/jetty-10.0.x/commons-io-commons-io-2.14.0 2023-10-01 05:55:37 +00:00
dependabot[bot] 3dcb768e1a
Merge pull request #10638 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-javadoc-plugin-3.6.0 2023-10-01 05:55:14 +00:00
dependabot[bot] fa90efb0e7
Merge pull request #10635 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.mina-mina-core-2.2.3 2023-10-01 05:54:59 +00:00
dependabot[bot] 57666ee95e
Bump org.eclipse.tycho:tycho-p2-repository-plugin from 4.0.2 to 4.0.3 
Bumps [org.eclipse.tycho:tycho-p2-repository-plugin](https://github.com/eclipse-tycho/tycho) from 4.0.2 to 4.0.3.
- [Release notes](https://github.com/eclipse-tycho/tycho/releases)
- [Changelog](https://github.com/eclipse-tycho/tycho/blob/tycho-4.0.3/RELEASE_NOTES.md)
- [Commits](https://github.com/eclipse-tycho/tycho/compare/tycho-4.0.2...tycho-4.0.3)

---
updated-dependencies:
- dependency-name: org.eclipse.tycho:tycho-p2-repository-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-01 00:38:39 +00:00
dependabot[bot] 4f035b76a9
Bump org.jboss.threads:jboss-threads from 3.5.0.Final to 3.5.1.Final 
Bumps [org.jboss.threads:jboss-threads](https://github.com/jbossas/jboss-threads) from 3.5.0.Final to 3.5.1.Final.
- [Commits](https://github.com/jbossas/jboss-threads/compare/3.5.0.Final...3.5.1.Final)

---
updated-dependencies:
- dependency-name: org.jboss.threads:jboss-threads
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-01 00:37:43 +00:00
dependabot[bot] d6588a0eac
Bump org.eclipse.platform:org.eclipse.osgi from 3.18.400 to 3.18.500 
Bumps [org.eclipse.platform:org.eclipse.osgi](https://github.com/eclipse-equinox/equinox) from 3.18.400 to 3.18.500.
- [Commits](https://github.com/eclipse-equinox/equinox/commits)

---
updated-dependencies:
- dependency-name: org.eclipse.platform:org.eclipse.osgi
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-01 00:35:33 +00:00
dependabot[bot] 683772297d
Bump org.apache.maven.plugins:maven-shade-plugin from 3.5.0 to 3.5.1 
Bumps [org.apache.maven.plugins:maven-shade-plugin](https://github.com/apache/maven-shade-plugin) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/apache/maven-shade-plugin/releases)
- [Commits](https://github.com/apache/maven-shade-plugin/compare/maven-shade-plugin-3.5.0...maven-shade-plugin-3.5.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-shade-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-01 00:33:05 +00:00
dependabot[bot] 8a5bbe5c76
Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.5.0 to 3.6.0 
Bumps [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/apache/maven-javadoc-plugin/releases)
- [Commits](https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.5.0...maven-javadoc-plugin-3.6.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-javadoc-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-01 00:32:32 +00:00
dependabot[bot] ea11d211bc
Bump commons-io:commons-io from 2.13.0 to 2.14.0 
Bumps commons-io:commons-io from 2.13.0 to 2.14.0.

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-01 00:31:34 +00:00
dependabot[bot] c713d3d404
Bump org.asciidoctor:asciidoctorj-diagram from 2.2.11 to 2.2.13 
Bumps [org.asciidoctor:asciidoctorj-diagram](https://github.com/asciidoctor/asciidoctorj-diagram) from 2.2.11 to 2.2.13.
- [Release notes](https://github.com/asciidoctor/asciidoctorj-diagram/releases)
- [Commits](https://github.com/asciidoctor/asciidoctorj-diagram/compare/v2.2.11...v2.2.13)

---
updated-dependencies:
- dependency-name: org.asciidoctor:asciidoctorj-diagram
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-01 00:31:24 +00:00
dependabot[bot] 270d56ccb1
Bump org.apache.mina:mina-core from 2.2.2 to 2.2.3 
Bumps [org.apache.mina:mina-core](https://github.com/apache/mina) from 2.2.2 to 2.2.3.
- [Commits](https://github.com/apache/mina/compare/2.2.2...2.2.3)

---
updated-dependencies:
- dependency-name: org.apache.mina:mina-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-01 00:31:00 +00:00
Joakim Erdfelt 1e1bc5adff
Issue #10606 - Bump build to JDK 21 (#10607) 
* Issue #10606 - Bump build to JDK 21
* Fix tests that fail on JDK 21
* better use of `@EnabledForJreRange`
* Disable JAASLdapLoginServiceTest on JDK 20+ via maven profile

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: Olivier Lamy <olamy@apache.org>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Olivier Lamy <olamy@apache.org>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-28 16:19:36 -05:00
Joakim Erdfelt 551ad8bba0
Issue #10473 - Better warnings in `jetty.sh` on filesystem permission issues (#10605) 
* Issue #10473 - Better warnings in jetty.sh on filesystem permission issues

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2023-09-28 10:24:33 -05:00
Simone Bordet 07f320ab6a
Fixes #10547 - Cannot customize Executor on WebSocketClient. (#10589) 
The HttpClient and WebSocketComponents will now try to share as many components as possible.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-28 11:32:53 +02:00
Olivier Lamy e76ce45ad7
upgrade commons-compress to 1.24.0 (#10588) 
Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-09-27 13:31:18 +02:00
Lachlan 467052975e
improve testing of http2 client and refine default config (#10580) 
* improve testing of http2 client and refine default config
* improve testing in HTTP2Test for hpack

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2023-09-27 09:57:06 +10:00
Joakim Erdfelt cc8f976d0c
Issue #10473 - Revert jetty.sh pgrep, and update started checks (#10501) 
* Revert pgrep usage in jetty.sh
* Adding test for jetty.conf
* Correcting renamed xml file
* Improved started check
+ Improved `started` function code
  - adding comment explaining steps
  - adding named parameters
+ Improved ARGS check for "jetty.state="
  option, to know when to check the
  state file.
* Make sure state.mod is before any deploy steps to ensure jetty-state file is created early.
* Early cleanup / creation of State file
* Improved `started` function
+ Don't attempt to read from State File
  if it doesn't exist
+ Don't attempt to read from PID File
  if it doesn't exist
+ DEBUG in state file logic
+ DEBUG in pid file logic
+ proper startsWith logic for state detection
* Better state debugging and pid kill

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2023-09-26 16:48:33 -05:00
Ludovic Orban b5124fd7c9 handle review comments 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2023-09-26 18:16:23 +02:00
Ludovic Orban 0928204db7 allow configuring a custom ScheduledExecutorService into ScheduledExecutorScheduler 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2023-09-26 18:16:23 +02:00
Ludovic Orban 842bbe7fcb
#10557 upgrade quiche to version 0.18.0 (#10570) 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2023-09-25 10:11:56 -05:00
Joakim Erdfelt 50a1b31a8a
Issue #10547 - Allow Executor of WebSocketClient to be customized via HttpClient (#10548) 
* Issue #10547 - Allow Executor of WebSocketClient to be customized via HttpClient

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2023-09-22 07:08:50 -05:00
Joakim Erdfelt 43eb08b146
Backport #10540 to `jetty-10.0.x` Fixed deadlock in class initialization. (#10545) 
* Fixed deadlock in class initialization. (#10540)

* Thread T1 may initialize HttpTester.Message that extends MutableHttpFields, so grabs the lock for the initialization of class MutableHttpFields.
* Thread T2 may initialize HttpFields, so grabs the lock for HttpFields and initializes field EMPTY, which calls new MutableHttpFields.
* To initialize MutableHttpFields, T1 must initialize HttpFields, but sees that its lock is taken and waits.
* To initialize HttpFields, T2 must create an instance and therefore initialize MutableHttpFields, but sees that its lock is taken and waits.
* Deadlock.

The solution is to use another class, EmptyHttpFields, to initialize HttpFields.EMPTY, so that there is no deadlock.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-18 13:00:11 -05:00
Greg Wilkins 3c76f82594
Allow session idle timeout to be configured on authentication. (#10511) 
Allow session idle timeout to be configured on authentication.

Signed-off-by: gregw <gregw@webtide.com>
 2023-09-18 15:53:35 +10:00
Joakim Erdfelt fd88723cad
Cleanup of start properties usages in `jetty-10.0.x` (#10365) 
* Cleanup start properties usages

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2023-09-15 09:59:06 -05:00
Olivier Lamy 000a55f78f
upgrade to bouncycastle 1.76 (#10512) 
* upgrade to bouncycastle 1.76

Signed-off-by: Olivier Lamy <olamy@apache.org>

* fix artifact names

Signed-off-by: Olivier Lamy <olamy@apache.org>

---------

Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-09-15 02:16:41 +02:00
Joakim Erdfelt d7d203d869
Merge pull request #10521 from eclipse/fix/10.0.x/cve-numbers 
Fixing CVE number for CGI servlet deprecation (10.0.x)
 2023-09-14 16:39:48 -05:00
Joakim Erdfelt 96d4d45541
Fixing CVE number for CGI servlet deprecation 2023-09-14 14:26:02 -05:00
Joakim Erdfelt 52c9dcaee6
Updating jetty-10.0.x VERSION.txt from changes in jetty-9.4.x (#10518) 
* Updating jetty-10.0.x VERSION.txt from changes in jetty-9.4.x
* Making CVE references consistent
 2023-09-14 19:31:09 +02:00
Joakim Erdfelt b9cd3216f7
Updating 10.x entries (#10515) 2023-09-14 18:40:52 +02:00
dependabot[bot] 08ab9e1629
Merge pull request #10488 from eclipse/dependabot/maven/jetty-10.0.x/org.infinispan.protostream-protostream-4.6.5.Final 2023-09-07 00:38:43 +00:00