Joakim Erdfelt
af15f12297
Updating to version 10.0.17
2023-10-09 13:21:53 -05:00
Joakim Erdfelt
f8b7f48d56
Merge remote-tracking branch 'origin/fix/10.0.x/rollback-jdk21-requirement' into release/10.0.17
2023-10-09 13:13:32 -05:00
Simone Bordet
67b077847a
Issue #9777 - CrossOriginFilter does not return Vary header on no-cors mode.
...
Modified the fix introduced by #9779 to avoid usage of Jetty server classes, so that the CrossOriginFilter can be deployed in any web application.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2023-10-09 20:00:16 +02:00
Simone Bordet
dbb94514dc
Fixes #10679 - Review HTTP/2 rate control. ( #10681 )
...
* Bumped the rate control rate from 50 events/s to 128.
* Added rate control for all CONTINUATION frames.
* Added rate control for invalid PUSH_PROMISE frames.
* Added rate control for RST_STREAM frames.
* Added rate control for all SETTINGS frames.
* Fixed growth of header block accumulation buffer.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2023-10-09 15:07:52 +02:00
OlexYarm
c338c1a153
Fixed issue 10305 Embedded Jetty server fails to start when requests log path in RequestLogWriter contains not existed directory
...
Changed error message when requests log path in RequestLogWriter contains not existed directory.
2023-10-06 12:07:44 -04:00
Joakim Erdfelt
4670d3e35b
Rollback JDK21 requirements during Compile + Jar creation.
...
Only have JDK21 requirement for jetty-documentation in release script.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-10-06 07:09:35 -05:00
Olivier Lamy
90fdd4236d
Update details on how to include dependabot PRs in a release ( #10659 )
...
Signed-off-by: Olivier Lamy <olamy@apache.org>
2023-10-05 02:12:23 +02:00
dependabot[bot]
a22174cb76
Merge pull request #10632 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-enforcer-plugin-3.4.1
2023-10-01 11:00:22 +00:00
dependabot[bot]
9c012d1666
Merge pull request #10631 from eclipse/dependabot/maven/jetty-10.0.x/maven.resolver.version-1.9.16
2023-10-01 11:00:09 +00:00
dependabot[bot]
0d730aaeab
Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.0 to 3.4.1
...
Bumps [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer ) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/apache/maven-enforcer/releases )
- [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.4.0...enforcer-3.4.1 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 08:27:40 +00:00
dependabot[bot]
b5ecca2a5f
Bump maven.resolver.version from 1.9.15 to 1.9.16
...
Bumps `maven.resolver.version` from 1.9.15 to 1.9.16.
Updates `org.apache.maven.resolver:maven-resolver-api` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases )
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16 )
Updates `org.apache.maven.resolver:maven-resolver-util` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases )
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16 )
Updates `org.apache.maven.resolver:maven-resolver-spi` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases )
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16 )
Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases )
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16 )
Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases )
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16 )
Updates `org.apache.maven.resolver:maven-resolver-transport-file` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases )
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16 )
Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/apache/maven-resolver/releases )
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.15...maven-resolver-1.9.16 )
---
updated-dependencies:
- dependency-name: org.apache.maven.resolver:maven-resolver-api
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-util
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-spi
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-impl
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-file
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-http
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 08:27:20 +00:00
dependabot[bot]
d81386c1ae
Merge pull request #10634 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.avro-avro-1.11.3
2023-10-01 08:22:47 +00:00
dependabot[bot]
7c55a1c6af
Merge pull request #10633 from eclipse/dependabot/maven/jetty-10.0.x/asm.version-9.6
2023-10-01 08:22:29 +00:00
dependabot[bot]
3671da4b56
Bump org.apache.avro:avro from 1.11.2 to 1.11.3
...
Bumps org.apache.avro:avro from 1.11.2 to 1.11.3.
---
updated-dependencies:
- dependency-name: org.apache.avro:avro
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 05:57:59 +00:00
dependabot[bot]
000d8eeeaa
Bump asm.version from 9.5 to 9.6
...
Bumps `asm.version` from 9.5 to 9.6.
Updates `org.ow2.asm:asm-commons` from 9.5 to 9.6
Updates `org.ow2.asm:asm-bom` from 9.5 to 9.6
Updates `org.ow2.asm:asm` from 9.5 to 9.6
Updates `org.ow2.asm:asm-tree` from 9.5 to 9.6
Updates `org.ow2.asm:asm-analysis` from 9.5 to 9.6
Updates `org.ow2.asm:asm-util` from 9.5 to 9.6
---
updated-dependencies:
- dependency-name: org.ow2.asm:asm-commons
dependency-type: direct:development
update-type: version-update:semver-minor
- dependency-name: org.ow2.asm:asm-bom
dependency-type: direct:production
update-type: version-update:semver-minor
- dependency-name: org.ow2.asm:asm
dependency-type: direct:development
update-type: version-update:semver-minor
- dependency-name: org.ow2.asm:asm-tree
dependency-type: direct:development
update-type: version-update:semver-minor
- dependency-name: org.ow2.asm:asm-analysis
dependency-type: direct:development
update-type: version-update:semver-minor
- dependency-name: org.ow2.asm:asm-util
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 05:57:20 +00:00
dependabot[bot]
633c70a782
Merge pull request #10642 from eclipse/dependabot/maven/jetty-10.0.x/org.eclipse.tycho-tycho-p2-repository-plugin-4.0.3
2023-10-01 05:56:57 +00:00
dependabot[bot]
4c462408c9
Merge pull request #10641 from eclipse/dependabot/maven/jetty-10.0.x/org.jboss.threads-jboss-threads-3.5.1.Final
2023-10-01 05:56:41 +00:00
dependabot[bot]
f2025fe725
Merge pull request #10640 from eclipse/dependabot/maven/jetty-10.0.x/org.eclipse.platform-org.eclipse.osgi-3.18.500
2023-10-01 05:56:25 +00:00
dependabot[bot]
b990fa7991
Merge pull request #10636 from eclipse/dependabot/maven/jetty-10.0.x/org.asciidoctor-asciidoctorj-diagram-2.2.13
2023-10-01 05:56:09 +00:00
dependabot[bot]
5ef68b21ab
Merge pull request #10639 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-shade-plugin-3.5.1
2023-10-01 05:55:53 +00:00
dependabot[bot]
835c8bd92b
Merge pull request #10637 from eclipse/dependabot/maven/jetty-10.0.x/commons-io-commons-io-2.14.0
2023-10-01 05:55:37 +00:00
dependabot[bot]
3dcb768e1a
Merge pull request #10638 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-javadoc-plugin-3.6.0
2023-10-01 05:55:14 +00:00
dependabot[bot]
fa90efb0e7
Merge pull request #10635 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.mina-mina-core-2.2.3
2023-10-01 05:54:59 +00:00
dependabot[bot]
57666ee95e
Bump org.eclipse.tycho:tycho-p2-repository-plugin from 4.0.2 to 4.0.3
...
Bumps [org.eclipse.tycho:tycho-p2-repository-plugin](https://github.com/eclipse-tycho/tycho ) from 4.0.2 to 4.0.3.
- [Release notes](https://github.com/eclipse-tycho/tycho/releases )
- [Changelog](https://github.com/eclipse-tycho/tycho/blob/tycho-4.0.3/RELEASE_NOTES.md )
- [Commits](https://github.com/eclipse-tycho/tycho/compare/tycho-4.0.2...tycho-4.0.3 )
---
updated-dependencies:
- dependency-name: org.eclipse.tycho:tycho-p2-repository-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:38:39 +00:00
dependabot[bot]
4f035b76a9
Bump org.jboss.threads:jboss-threads from 3.5.0.Final to 3.5.1.Final
...
Bumps [org.jboss.threads:jboss-threads](https://github.com/jbossas/jboss-threads ) from 3.5.0.Final to 3.5.1.Final.
- [Commits](https://github.com/jbossas/jboss-threads/compare/3.5.0.Final...3.5.1.Final )
---
updated-dependencies:
- dependency-name: org.jboss.threads:jboss-threads
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:37:43 +00:00
dependabot[bot]
d6588a0eac
Bump org.eclipse.platform:org.eclipse.osgi from 3.18.400 to 3.18.500
...
Bumps [org.eclipse.platform:org.eclipse.osgi](https://github.com/eclipse-equinox/equinox ) from 3.18.400 to 3.18.500.
- [Commits](https://github.com/eclipse-equinox/equinox/commits )
---
updated-dependencies:
- dependency-name: org.eclipse.platform:org.eclipse.osgi
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:35:33 +00:00
dependabot[bot]
683772297d
Bump org.apache.maven.plugins:maven-shade-plugin from 3.5.0 to 3.5.1
...
Bumps [org.apache.maven.plugins:maven-shade-plugin](https://github.com/apache/maven-shade-plugin ) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/apache/maven-shade-plugin/releases )
- [Commits](https://github.com/apache/maven-shade-plugin/compare/maven-shade-plugin-3.5.0...maven-shade-plugin-3.5.1 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-shade-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:33:05 +00:00
dependabot[bot]
8a5bbe5c76
Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.5.0 to 3.6.0
...
Bumps [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin ) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/apache/maven-javadoc-plugin/releases )
- [Commits](https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.5.0...maven-javadoc-plugin-3.6.0 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-javadoc-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:32:32 +00:00
dependabot[bot]
ea11d211bc
Bump commons-io:commons-io from 2.13.0 to 2.14.0
...
Bumps commons-io:commons-io from 2.13.0 to 2.14.0.
---
updated-dependencies:
- dependency-name: commons-io:commons-io
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:31:34 +00:00
dependabot[bot]
c713d3d404
Bump org.asciidoctor:asciidoctorj-diagram from 2.2.11 to 2.2.13
...
Bumps [org.asciidoctor:asciidoctorj-diagram](https://github.com/asciidoctor/asciidoctorj-diagram ) from 2.2.11 to 2.2.13.
- [Release notes](https://github.com/asciidoctor/asciidoctorj-diagram/releases )
- [Commits](https://github.com/asciidoctor/asciidoctorj-diagram/compare/v2.2.11...v2.2.13 )
---
updated-dependencies:
- dependency-name: org.asciidoctor:asciidoctorj-diagram
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:31:24 +00:00
dependabot[bot]
270d56ccb1
Bump org.apache.mina:mina-core from 2.2.2 to 2.2.3
...
Bumps [org.apache.mina:mina-core](https://github.com/apache/mina ) from 2.2.2 to 2.2.3.
- [Commits](https://github.com/apache/mina/compare/2.2.2...2.2.3 )
---
updated-dependencies:
- dependency-name: org.apache.mina:mina-core
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:31:00 +00:00
Joakim Erdfelt
1e1bc5adff
Issue #10606 - Bump build to JDK 21 ( #10607 )
...
* Issue #10606 - Bump build to JDK 21
* Fix tests that fail on JDK 21
* better use of `@EnabledForJreRange`
* Disable JAASLdapLoginServiceTest on JDK 20+ via maven profile
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: Olivier Lamy <olamy@apache.org>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Olivier Lamy <olamy@apache.org>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2023-09-28 16:19:36 -05:00
Joakim Erdfelt
551ad8bba0
Issue #10473 - Better warnings in `jetty.sh` on filesystem permission issues ( #10605 )
...
* Issue #10473 - Better warnings in jetty.sh on filesystem permission issues
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-09-28 10:24:33 -05:00
Simone Bordet
07f320ab6a
Fixes #10547 - Cannot customize Executor on WebSocketClient. ( #10589 )
...
The HttpClient and WebSocketComponents will now try to share as many components as possible.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2023-09-28 11:32:53 +02:00
Olivier Lamy
e76ce45ad7
upgrade commons-compress to 1.24.0 ( #10588 )
...
Signed-off-by: Olivier Lamy <olamy@apache.org>
2023-09-27 13:31:18 +02:00
Lachlan
467052975e
improve testing of http2 client and refine default config ( #10580 )
...
* improve testing of http2 client and refine default config
* improve testing in HTTP2Test for hpack
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-09-27 09:57:06 +10:00
Joakim Erdfelt
cc8f976d0c
Issue #10473 - Revert jetty.sh pgrep, and update started checks ( #10501 )
...
* Revert pgrep usage in jetty.sh
* Adding test for jetty.conf
* Correcting renamed xml file
* Improved started check
+ Improved `started` function code
- adding comment explaining steps
- adding named parameters
+ Improved ARGS check for "jetty.state="
option, to know when to check the
state file.
* Make sure state.mod is before any deploy steps to ensure jetty-state file is created early.
* Early cleanup / creation of State file
* Improved `started` function
+ Don't attempt to read from State File
if it doesn't exist
+ Don't attempt to read from PID File
if it doesn't exist
+ DEBUG in state file logic
+ DEBUG in pid file logic
+ proper startsWith logic for state detection
* Better state debugging and pid kill
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-09-26 16:48:33 -05:00
Ludovic Orban
b5124fd7c9
handle review comments
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2023-09-26 18:16:23 +02:00
Ludovic Orban
0928204db7
allow configuring a custom ScheduledExecutorService into ScheduledExecutorScheduler
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2023-09-26 18:16:23 +02:00
Ludovic Orban
842bbe7fcb
#10557 upgrade quiche to version 0.18.0 ( #10570 )
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2023-09-25 10:11:56 -05:00
Joakim Erdfelt
50a1b31a8a
Issue #10547 - Allow Executor of WebSocketClient to be customized via HttpClient ( #10548 )
...
* Issue #10547 - Allow Executor of WebSocketClient to be customized via HttpClient
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-09-22 07:08:50 -05:00
Joakim Erdfelt
43eb08b146
Backport #10540 to `jetty-10.0.x` Fixed deadlock in class initialization. ( #10545 )
...
* Fixed deadlock in class initialization. (#10540 )
* Thread T1 may initialize HttpTester.Message that extends MutableHttpFields, so grabs the lock for the initialization of class MutableHttpFields.
* Thread T2 may initialize HttpFields, so grabs the lock for HttpFields and initializes field EMPTY, which calls new MutableHttpFields.
* To initialize MutableHttpFields, T1 must initialize HttpFields, but sees that its lock is taken and waits.
* To initialize HttpFields, T2 must create an instance and therefore initialize MutableHttpFields, but sees that its lock is taken and waits.
* Deadlock.
The solution is to use another class, EmptyHttpFields, to initialize HttpFields.EMPTY, so that there is no deadlock.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2023-09-18 13:00:11 -05:00
Greg Wilkins
3c76f82594
Allow session idle timeout to be configured on authentication. ( #10511 )
...
Allow session idle timeout to be configured on authentication.
Signed-off-by: gregw <gregw@webtide.com>
2023-09-18 15:53:35 +10:00
Joakim Erdfelt
fd88723cad
Cleanup of start properties usages in `jetty-10.0.x` ( #10365 )
...
* Cleanup start properties usages
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-09-15 09:59:06 -05:00
Olivier Lamy
000a55f78f
upgrade to bouncycastle 1.76 ( #10512 )
...
* upgrade to bouncycastle 1.76
Signed-off-by: Olivier Lamy <olamy@apache.org>
* fix artifact names
Signed-off-by: Olivier Lamy <olamy@apache.org>
---------
Signed-off-by: Olivier Lamy <olamy@apache.org>
2023-09-15 02:16:41 +02:00
Joakim Erdfelt
d7d203d869
Merge pull request #10521 from eclipse/fix/10.0.x/cve-numbers
...
Fixing CVE number for CGI servlet deprecation (10.0.x)
2023-09-14 16:39:48 -05:00
Joakim Erdfelt
96d4d45541
Fixing CVE number for CGI servlet deprecation
2023-09-14 14:26:02 -05:00
Joakim Erdfelt
52c9dcaee6
Updating jetty-10.0.x VERSION.txt from changes in jetty-9.4.x ( #10518 )
...
* Updating jetty-10.0.x VERSION.txt from changes in jetty-9.4.x
* Making CVE references consistent
2023-09-14 19:31:09 +02:00
Joakim Erdfelt
b9cd3216f7
Updating 10.x entries ( #10515 )
2023-09-14 18:40:52 +02:00
dependabot[bot]
08ab9e1629
Merge pull request #10488 from eclipse/dependabot/maven/jetty-10.0.x/org.infinispan.protostream-protostream-4.6.5.Final
2023-09-07 00:38:43 +00:00