Lachlan Roberts
e578791518
Changes from review
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-06-08 10:44:17 +10:00
Lachlan Roberts
5a24f90064
Improve cleanup of deflater/inflater pools for PerMessageDeflateExtension
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-06-07 18:52:48 +10:00
Greg Wilkins
c34483e52b
Fix #8067 Use nanotime for DosFilter rate tracker ( #8082 ) ( #8112 )
...
* Fix #8067 Use nanotime for DosFilter rate tracker
Use nano time to avoid false positives when wall clock changes.
2022-06-07 10:21:23 +10:00
Joakim Erdfelt
2b9e3db76f
More restrictions on dependencies ( #8127 )
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-07 09:33:33 +10:00
dependabot[bot]
6af44e70eb
Bump org.apache.felix.framework from 7.0.4 to 7.0.5 ( #8123 )
...
Bumps org.apache.felix.framework from 7.0.4 to 7.0.5.
---
updated-dependencies:
- dependency-name: org.apache.felix:org.apache.felix.framework
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-06 11:49:57 -05:00
dependabot[bot]
01f01bc7b7
Merge pull request #8108 from eclipse/dependabot/maven/jetty-10.0.x/openwebbeans.version-2.0.27
2022-06-03 11:43:59 +00:00
dependabot[bot]
3c076aa9f6
Merge pull request #8109 from eclipse/dependabot/maven/jetty-10.0.x/com.google.cloud-google-cloud-datastore-2.7.0
2022-06-03 11:43:53 +00:00
dependabot[bot]
efca12641f
Merge pull request #8099 from eclipse/dependabot/maven/jetty-10.0.x/biz.aQute.bnd-biz.aQute.bndlib-6.3.0
2022-06-03 11:35:08 +00:00
Joakim Erdfelt
d18cd99a88
Update security handling bugzilla to gitlab ( #8104 )
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-03 06:08:02 -05:00
dependabot[bot]
22b55480bb
Bump google-cloud-datastore from 2.6.0 to 2.7.0
...
Bumps [google-cloud-datastore](https://github.com/googleapis/java-datastore ) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/googleapis/java-datastore/releases )
- [Changelog](https://github.com/googleapis/java-datastore/blob/main/CHANGELOG.md )
- [Commits](https://github.com/googleapis/java-datastore/compare/v2.6.0...v2.7.0 )
---
updated-dependencies:
- dependency-name: com.google.cloud:google-cloud-datastore
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-03 10:06:41 +00:00
dependabot[bot]
e675db42ca
Bump openwebbeans.version from 2.0.26 to 2.0.27
...
Bumps `openwebbeans.version` from 2.0.26 to 2.0.27.
Updates `openwebbeans-web` from 2.0.26 to 2.0.27
- [Release notes](https://github.com/apache/openwebbeans/releases )
- [Commits](https://github.com/apache/openwebbeans/compare/openwebbeans-2.0.26...openwebbeans-2.0.27 )
Updates `openwebbeans-jetty9` from 2.0.26 to 2.0.27
- [Release notes](https://github.com/apache/openwebbeans/releases )
- [Commits](https://github.com/apache/openwebbeans/compare/openwebbeans-2.0.26...openwebbeans-2.0.27 )
---
updated-dependencies:
- dependency-name: org.apache.openwebbeans:openwebbeans-web
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.openwebbeans:openwebbeans-jetty9
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-03 10:05:53 +00:00
dependabot[bot]
c40f39d008
Merge pull request #8100 from eclipse/dependabot/maven/jetty-10.0.x/io.grpc-grpc-core-1.47.0
2022-06-03 08:35:36 +00:00
Simone Bordet
e9262ce26c
Fixes #7994 - Ability to construct a detached client Request ( #8103 )
...
Implemented copy of the request tag that was mistakenly missing.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-06-03 09:27:10 +02:00
Joakim Erdfelt
944ce6354f
Fixing #7975 - ForwardedRequestCustomizer should clear old MethodHandles when renaming headers. ( #8102 )
...
* Adding test case to prove report
* Fixing updateHandles() to clear the stored handles list.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-02 14:17:26 -05:00
dependabot[bot]
646090c747
Bump grpc-core from 1.46.0 to 1.47.0
...
Bumps [grpc-core](https://github.com/grpc/grpc-java ) from 1.46.0 to 1.47.0.
- [Release notes](https://github.com/grpc/grpc-java/releases )
- [Commits](https://github.com/grpc/grpc-java/compare/v1.46.0...v1.47.0 )
---
updated-dependencies:
- dependency-name: io.grpc:grpc-core
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-02 09:21:59 +00:00
dependabot[bot]
e14c1b34f2
Bump biz.aQute.bndlib from 6.2.0 to 6.3.0
...
Bumps [biz.aQute.bndlib](https://github.com/bndtools/bnd ) from 6.2.0 to 6.3.0.
- [Release notes](https://github.com/bndtools/bnd/releases )
- [Changelog](https://github.com/bndtools/bnd/blob/master/docs/ADDING_RELEASE_DOCS.md )
- [Commits](https://github.com/bndtools/bnd/compare/6.2.0...6.3.0 )
---
updated-dependencies:
- dependency-name: biz.aQute.bnd:biz.aQute.bndlib
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-02 09:21:41 +00:00
Olivier Lamy
d12ee70b5a
exclude log4j-core to avoid problem with m-enforcer-p see https://issues.apache.org/jira/browse/LOG4J2-3241 ( #8094 )
...
* exclude log4j-core to avoid problem with m-enforcer-p see https://issues.apache.org/jira/browse/LOG4J2-3241
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
2022-06-02 18:24:28 +10:00
dependabot[bot]
7ed3317d37
Bump google-cloud-datastore from 2.5.1 to 2.6.0 ( #8092 )
...
Bumps [google-cloud-datastore](https://github.com/googleapis/java-datastore ) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/googleapis/java-datastore/releases )
- [Changelog](https://github.com/googleapis/java-datastore/blob/main/CHANGELOG.md )
- [Commits](https://github.com/googleapis/java-datastore/compare/v2.5.1...v2.6.0 )
---
updated-dependencies:
- dependency-name: com.google.cloud:google-cloud-datastore
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-01 14:10:59 -05:00
Joakim Erdfelt
2850db13e2
Fixes #7818 - Regression: allow HttpChannel.Listener.onResponseBegin to modify response headers ( #7850 )
...
* allow HttpChannel.Listener.onResponseBegin to modify response headers
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-01 13:12:40 -05:00
dependabot[bot]
73362266bd
Merge pull request #8083 from eclipse/dependabot/maven/jetty-10.0.x/org.asciidoctor-asciidoctorj-2.5.4
2022-06-01 03:24:33 +00:00
Greg Wilkins
7a1c165677
Implement #8057 103 Early Hint ( #8058 )
...
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2022-06-01 11:56:54 +10:00
dependabot[bot]
263274891a
Bump error_prone_annotations from 2.13.1 to 2.14.0 ( #8056 )
...
Bumps [error_prone_annotations](https://github.com/google/error-prone ) from 2.13.1 to 2.14.0.
- [Release notes](https://github.com/google/error-prone/releases )
- [Commits](https://github.com/google/error-prone/compare/v2.13.1...v2.14.0 )
---
updated-dependencies:
- dependency-name: com.google.errorprone:error_prone_annotations
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-31 15:54:52 -05:00
Joakim Erdfelt
40ba7bae6e
Fixing upper bounds issue
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-05-31 14:18:04 -05:00
dependabot[bot]
3cf9ce19b9
Bump asciidoctorj from 2.5.3 to 2.5.4
...
Bumps [asciidoctorj](https://github.com/asciidoctor/asciidoctorj ) from 2.5.3 to 2.5.4.
- [Release notes](https://github.com/asciidoctor/asciidoctorj/releases )
- [Changelog](https://github.com/asciidoctor/asciidoctorj/blob/main/CHANGELOG.adoc )
- [Commits](https://github.com/asciidoctor/asciidoctorj/compare/v2.5.3...v2.5.4 )
---
updated-dependencies:
- dependency-name: org.asciidoctor:asciidoctorj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-31 13:20:47 +00:00
dependabot[bot]
1499e6ddee
Bump asciidoctorj-diagram from 2.2.1 to 2.2.3 ( #8077 )
...
Bumps [asciidoctorj-diagram](https://github.com/asciidoctor/asciidoctorj-diagram ) from 2.2.1 to 2.2.3.
- [Release notes](https://github.com/asciidoctor/asciidoctorj-diagram/releases )
- [Commits](https://github.com/asciidoctor/asciidoctorj-diagram/commits )
---
updated-dependencies:
- dependency-name: org.asciidoctor:asciidoctorj-diagram
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-31 08:19:32 -05:00
dependabot[bot]
c7aef29bcb
Merge pull request #8075 from eclipse/dependabot/maven/jetty-10.0.x/com.puppycrawl.tools-checkstyle-10.3
2022-05-31 10:14:40 +00:00
dependabot[bot]
25e19c886f
Merge pull request #8079 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.maven.scm-maven-scm-provider-jgit-1.13.0
2022-05-31 10:04:19 +00:00
dependabot[bot]
22e27274ad
Merge pull request #8080 from eclipse/dependabot/maven/jetty-10.0.x/org.apache.maven.plugins-maven-invoker-plugin-3.3.0
2022-05-31 10:03:58 +00:00
dependabot[bot]
1fb46eddfd
Bump maven-invoker-plugin from 3.2.2 to 3.3.0
...
Bumps [maven-invoker-plugin](https://github.com/apache/maven-invoker-plugin ) from 3.2.2 to 3.3.0.
- [Release notes](https://github.com/apache/maven-invoker-plugin/releases )
- [Commits](https://github.com/apache/maven-invoker-plugin/compare/maven-invoker-plugin-3.2.2...maven-invoker-plugin-3.3.0 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-invoker-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-30 09:28:12 +00:00
dependabot[bot]
17a72a001d
Bump maven-scm-provider-jgit from 1.12.2 to 1.13.0
...
Bumps maven-scm-provider-jgit from 1.12.2 to 1.13.0.
---
updated-dependencies:
- dependency-name: org.apache.maven.scm:maven-scm-provider-jgit
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-30 09:28:04 +00:00
dependabot[bot]
33c344f3dc
Bump checkstyle from 10.2 to 10.3
...
Bumps [checkstyle](https://github.com/checkstyle/checkstyle ) from 10.2 to 10.3.
- [Release notes](https://github.com/checkstyle/checkstyle/releases )
- [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-10.2...checkstyle-10.3 )
---
updated-dependencies:
- dependency-name: com.puppycrawl.tools:checkstyle
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-30 09:24:25 +00:00
Lachlan
94e40a93cc
Merge pull request #7983 from eclipse/jetty-10.0.x-1771-secureRedirectHandler
...
Issue #1771 - add module for secure redirect
2022-05-30 11:58:52 +10:00
Joakim Erdfelt
3fe0d5e12f
Fix #7754 - Allow JETTY_SYS_PROPS to be configured by /etc/default/ ( #7819 )
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-05-26 09:18:10 -05:00
dependabot[bot]
f69ea3fb63
Bump mariadb-java-client from 3.0.4 to 3.0.5 ( #8064 )
...
Bumps [mariadb-java-client](https://github.com/mariadb-corporation/mariadb-connector-j ) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/mariadb-corporation/mariadb-connector-j/releases )
- [Changelog](https://github.com/mariadb-corporation/mariadb-connector-j/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.0.4...3.0.5 )
---
updated-dependencies:
- dependency-name: org.mariadb.jdbc:mariadb-java-client
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 09:16:38 -05:00
dependabot[bot]
97e76e5a56
Bump google-cloud-datastore from 2.5.0 to 2.5.1 ( #8062 )
...
Bumps [google-cloud-datastore](https://github.com/googleapis/java-datastore ) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/googleapis/java-datastore/releases )
- [Changelog](https://github.com/googleapis/java-datastore/blob/main/CHANGELOG.md )
- [Commits](https://github.com/googleapis/java-datastore/compare/v2.5.0...v2.5.1 )
---
updated-dependencies:
- dependency-name: com.google.cloud:google-cloud-datastore
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 08:40:21 -05:00
dependabot[bot]
a8594594ab
Bump org.apache.felix.framework from 7.0.3 to 7.0.4 ( #8061 )
...
Bumps org.apache.felix.framework from 7.0.3 to 7.0.4.
---
updated-dependencies:
- dependency-name: org.apache.felix:org.apache.felix.framework
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 08:40:05 -05:00
Simone Bordet
d1e64f4693
Fixes #8014 - Review HttpRequest URI construction. ( #8015 )
...
Fixes #8014 - Review HttpRequest URI construction.
Now always adding a "/" before the path, if not already present.
Disabled flakey HTTP/3 test.
Parse CONNECT URIs as Authority
Co-authored-by: Greg Wilkins <gregw@webtide.com>
2022-05-26 18:13:17 +10:00
Lachlan
99c743c2c6
Merge pull request #8008 from eclipse/jetty-10.0.x-legacyMultipartParser
...
Add compliance mode for LEGACY multipart parser in Jetty 10+
2022-05-26 15:31:55 +10:00
Olivier Lamy
b274a3cceb
jetty 10.0.x no port 8080 ( #8049 )
...
* ensure it test is not started on port 8080 and use non random groupIds
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
2022-05-26 10:30:01 +10:00
dependabot[bot]
38fcf7d52f
Merge pull request #8053 from eclipse/dependabot/maven/jetty-10.0.x/com.google.cloud-google-cloud-datastore-2.5.0
2022-05-25 10:16:44 +00:00
Lachlan Roberts
a61f1458e6
Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-10.0.x-legacyMultipartParser
2022-05-25 16:56:54 +10:00
Lachlan Roberts
1c24238352
mark deprecated ReadLineInputStream for removal
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-25 16:56:34 +10:00
Lachlan Roberts
ed122dfa3c
update description in secure-redirect.mod
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-25 15:22:08 +10:00
dependabot[bot]
983b10fc65
Bump google-cloud-datastore from 2.4.0 to 2.5.0
...
Bumps [google-cloud-datastore](https://github.com/googleapis/java-datastore ) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/googleapis/java-datastore/releases )
- [Changelog](https://github.com/googleapis/java-datastore/blob/main/CHANGELOG.md )
- [Commits](https://github.com/googleapis/java-datastore/compare/v2.4.0...v2.5.0 )
---
updated-dependencies:
- dependency-name: com.google.cloud:google-cloud-datastore
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-24 09:25:54 +00:00
Greg Wilkins
f1c2b0d0e2
Improve #8051 ( #8052 )
...
Increased test timeouts
2022-05-24 19:09:00 +10:00
Lachlan Roberts
32ed6fab9c
Issue #1771 - changes from review
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-24 16:53:20 +10:00
Lachlan Roberts
365fa76db3
Issue #1771 - add module for secure redirect
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-24 16:53:20 +10:00
Simone Bordet
513a2cb256
Fixes #7935 - Review HTTP/2 error handling ( #8048 )
...
Fixed HTTP/3 in similar way as HTTP/2.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-05-23 16:12:24 +02:00
dependabot[bot]
e4aff21272
Merge pull request #8038 from eclipse/dependabot/maven/jetty-10.0.x/org.codehaus.mojo-versions-maven-plugin-2.11.0
2022-05-23 12:27:06 +00:00
dependabot[bot]
ef9d885a05
Bump versions-maven-plugin from 2.10.0 to 2.11.0
...
Bumps [versions-maven-plugin](https://github.com/mojohaus/versions-maven-plugin ) from 2.10.0 to 2.11.0.
- [Release notes](https://github.com/mojohaus/versions-maven-plugin/releases )
- [Changelog](https://github.com/mojohaus/versions-maven-plugin/blob/master/ReleaseNotes.md )
- [Commits](https://github.com/mojohaus/versions-maven-plugin/compare/versions-maven-plugin-2.10.0...versions-maven-plugin-2.11.0 )
---
updated-dependencies:
- dependency-name: org.codehaus.mojo:versions-maven-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-23 09:18:49 +00:00