Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
28,721 Commits 70 Branches 462 Tags 370 MiB
Commit Graph

3504 Commits

Author SHA1 Message Date
Ludovic Orban 344c501940 Merge remote-tracking branch 'origin/jetty-11.0.x' into fix/merge-from-11 2023-09-25 17:40:39 +02:00
Ludovic Orban a31ecf654b Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-11.0.x 2023-09-25 17:18:36 +02:00
Ludovic Orban 842bbe7fcb
#10557 upgrade quiche to version 0.18.0 (#10570) 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2023-09-25 10:11:56 -05:00
Joakim Erdfelt 460fdc60ec
Merge remote-tracking branch 'origin/jetty-12.0.x' into fix/12.0.x/bundle-copyright-update 2023-09-18 13:21:53 -05:00
Olivier Lamy 057e9eee5e
jetty 12.0.x upgrade dependencies (#10507) 
* Junit 5.10.0

Signed-off-by: Olivier Lamy <olamy@apache.org>

* slf4j 2.0.9

Signed-off-by: Olivier Lamy <olamy@apache.org>

* hazecast 5.3.2

Signed-off-by: Olivier Lamy <olamy@apache.org>

* pax exam 4.13.5, pax url 2.6.14

Signed-off-by: Olivier Lamy <olamy@apache.org>

* mariadb client 3.2.0

Signed-off-by: Olivier Lamy <olamy@apache.org>

* logback 1.4.11

Signed-off-by: Olivier Lamy <olamy@apache.org>

* 4.1.97

Signed-off-by: Olivier Lamy <olamy@apache.org>

* add exclusions

Signed-off-by: Olivier Lamy <olamy@apache.org>

---------

Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-09-17 01:17:53 +02:00
Joakim Erdfelt 231eaf8f05
Issue #10475 - update Bundle-Copyright 2023-09-15 10:34:07 -05:00
Olivier Lamy 28f19a5592
get rid of deprecated usage of maven resolver (#10495) 
Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-09-13 05:43:47 +02:00
dependabot[bot] 97ae51ee28
Bump org.infinispan.protostream:protostream 
Bumps [org.infinispan.protostream:protostream](https://github.com/infinispan/protostream) from 4.6.4.Final to 4.6.5.Final.
- [Release notes](https://github.com/infinispan/protostream/releases)
- [Commits](https://github.com/infinispan/protostream/compare/4.6.4.Final...4.6.5.Final)

---
updated-dependencies:
- dependency-name: org.infinispan.protostream:protostream
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-06 21:19:57 +00:00
Olivier Lamy 56b4b6622b
do not skip asciidoctor generation with eclipse-release profile (#10481) 
Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-09-07 07:17:27 +10:00
Olivier Lamy 896a301fc1
Upgrade testcontainers 1.19.0 (fix local issue with upgraded docker version) (#10471) 
* add some debug

Signed-off-by: Olivier Lamy <olamy@apache.org>

* force use infinispan.client.hotrod.client_intelligence=BASIC looks to fix issue locally after docker upgrade, use new forListeningPorts to check infinispan start

Signed-off-by: Olivier Lamy <olamy@apache.org>

* use Wait.forListeningPorts to wait docker image start

Signed-off-by: Olivier Lamy <olamy@apache.org>

* cleanup commented code

Signed-off-by: Olivier Lamy <olamy@apache.org>

---------

Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-09-04 13:09:43 +10:00
Olivier Lamy 004da47cb5
Merge 11.0.x back to 12.0.x (#10472) 
* Bump org.infinispan.protostream:protostream

Bumps [org.infinispan.protostream:protostream](https://github.com/infinispan/protostream) from 4.6.2.Final to 4.6.4.Final.
- [Release notes](https://github.com/infinispan/protostream/releases)
- [Commits](https://github.com/infinispan/protostream/compare/4.6.2.Final...4.6.4.Final)

---
updated-dependencies:
- dependency-name: org.infinispan.protostream:protostream
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump apache.directory.api.version from 2.1.3 to 2.1.4

Bumps `apache.directory.api.version` from 2.1.3 to 2.1.4.

Updates `org.apache.directory.api:api-ldap-schema-data` from 2.1.3 to 2.1.4

Updates `org.apache.directory.api:api-ldap-model` from 2.1.3 to 2.1.4

Updates `org.apache.directory.api:api-util` from 2.1.3 to 2.1.4
- [Commits](https://github.com/apache/directory-ldap-api/compare/2.1.3...2.1.4)

Updates `org.apache.directory.api:api-asn1-api` from 2.1.3 to 2.1.4

---
updated-dependencies:
- dependency-name: org.apache.directory.api:api-ldap-schema-data
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.apache.directory.api:api-ldap-model
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.directory.api:api-util
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.directory.api:api-asn1-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump org.wildfly.security:wildfly-elytron

Bumps [org.wildfly.security:wildfly-elytron](https://github.com/wildfly-security/wildfly-elytron) from 2.2.1.Final to 2.2.2.Final.
- [Commits](https://github.com/wildfly-security/wildfly-elytron/compare/2.2.1.Final...2.2.2.Final)

---
updated-dependencies:
- dependency-name: org.wildfly.security:wildfly-elytron
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump pax.url.version from 2.6.2 to 2.6.14

Bumps `pax.url.version` from 2.6.2 to 2.6.14.

Updates `org.ops4j.pax.url:pax-url-aether` from 2.6.2 to 2.6.14
- [Commits](https://github.com/ops4j/org.ops4j.pax.url/compare/url-2.6.2...url-2.6.14)

Updates `org.ops4j.pax.url:pax-url-wrap` from 2.6.2 to 2.6.14
- [Commits](https://github.com/ops4j/org.ops4j.pax.url/compare/url-2.6.2...url-2.6.14)

---
updated-dependencies:
- dependency-name: org.ops4j.pax.url:pax-url-aether
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.ops4j.pax.url:pax-url-wrap
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* exclude banned dependencies

Signed-off-by: Olivier Lamy <olamy@apache.org>

* Bump org.infinispan.protostream:protostream (#10469)

Bumps [org.infinispan.protostream:protostream](https://github.com/infinispan/protostream) from 4.6.4.Final to 4.6.5.Final.
- [Release notes](https://github.com/infinispan/protostream/releases)
- [Commits](https://github.com/infinispan/protostream/compare/4.6.4.Final...4.6.5.Final)

---
updated-dependencies:
- dependency-name: org.infinispan.protostream:protostream
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix version number

Signed-off-by: Olivier Lamy <olamy@apache.org>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Olivier Lamy <olamy@apache.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-04 13:05:28 +10:00
dependabot[bot] 6fcd56fd4e
Bump org.infinispan.protostream:protostream (#10469) 
Bumps [org.infinispan.protostream:protostream](https://github.com/infinispan/protostream) from 4.6.4.Final to 4.6.5.Final.
- [Release notes](https://github.com/infinispan/protostream/releases)
- [Commits](https://github.com/infinispan/protostream/compare/4.6.4.Final...4.6.5.Final)

---
updated-dependencies:
- dependency-name: org.infinispan.protostream:protostream
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-04 01:50:45 +02:00
Olivier Lamy a99b590002
Merge branch 'jetty-10.0.x' into jetty-11.0.x 2023-09-03 15:47:39 +10:00
dependabot[bot] b5fb0bcbe0
Merge pull request #10453 from eclipse/dependabot/maven/jetty-10.0.x/org.wildfly.security-wildfly-elytron-2.2.2.Final 2023-09-03 05:44:51 +00:00
dependabot[bot] 0c7ccff44d
Bump org.wildfly.security:wildfly-elytron 
Bumps [org.wildfly.security:wildfly-elytron](https://github.com/wildfly-security/wildfly-elytron) from 2.2.1.Final to 2.2.2.Final.
- [Commits](https://github.com/wildfly-security/wildfly-elytron/compare/2.2.1.Final...2.2.2.Final)

---
updated-dependencies:
- dependency-name: org.wildfly.security:wildfly-elytron
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-01 00:41:35 +00:00
dependabot[bot] 2ba61d6a83
Bump org.infinispan.protostream:protostream 
Bumps [org.infinispan.protostream:protostream](https://github.com/infinispan/protostream) from 4.6.2.Final to 4.6.4.Final.
- [Release notes](https://github.com/infinispan/protostream/releases)
- [Commits](https://github.com/infinispan/protostream/compare/4.6.2.Final...4.6.4.Final)

---
updated-dependencies:
- dependency-name: org.infinispan.protostream:protostream
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-01 00:37:58 +00:00
Joakim Erdfelt 76e458ac94
Merge pull request #10448 from eclipse/release/12.0.1 
Merge `release/12.0.1` into `jetty-12.0.x` HEAD
 2023-08-31 15:59:31 -05:00
Olivier Lamy d09a95aa00
add source plugin to eclipse-release, as mentioned in comment :) (#10435) 
Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-08-30 01:34:09 +02:00
Joakim Erdfelt 1d226403da
Updating to version 12.0.2-SNAPSHOT 2023-08-29 16:55:36 -05:00
Joakim Erdfelt 4768745849
Updating to version 12.0.1 2023-08-29 16:38:20 -05:00
Joakim Erdfelt cb8c4b6ab2
Updating to version 11.0.17-SNAPSHOT 2023-08-25 14:55:08 -05:00
Joakim Erdfelt bedff458c4
Updating to version 11.0.16 2023-08-25 14:43:04 -05:00
Joakim Erdfelt 896dee2466
Updating to version 10.0.17-SNAPSHOT 2023-08-25 14:27:38 -05:00
Joakim Erdfelt a2735a9ae9
Updating to version 10.0.16 2023-08-25 14:10:55 -05:00
Joakim Erdfelt b8ce9db729
Old version of apache-avro uses old jackson. 
Provides transitive vulnerable dependency maven:org.codehaus.jackson:jackson-core-asl:1.9.13
CVE-2019-10202 9.8 Deserialization of Untrusted Data vulnerability pending CVSS allocation
CVE-2019-10202 9.8 Deserialization of Untrusted Data vulnerability pending CVSS allocation
 2023-08-25 11:22:28 -05:00
Joakim Erdfelt 6e96f2c4d7
Provides transitive vulnerable dependency maven:org.apache.commons:commons-compress:1.4.1 
CVE-2018-11771 5.5 Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability pending CVSS allocation
CVE-2021-35515 7.5 Excessive Iteration vulnerability pending CVSS allocation
CVE-2021-35516 7.5 Improper Handling of Length Parameter Inconsistency vulnerability pending CVSS allocation
CVE-2021-35517 7.5 Improper Handling of Length Parameter Inconsistency vulnerability pending CVSS allocation
CVE-2021-36090 7.5 Improper Handling of Length Parameter Inconsistency vulnerability pending CVSS allocation
 2023-08-25 11:11:38 -05:00
Joakim Erdfelt ae71b40acf
Provides transitive vulnerable dependency maven:org.wildfly.security:wildfly-elytron-credential:1.12.1.Final 
CVE-2022-3143 7.4 Observable Discrepancy vulnerability pending CVSS allocation
 2023-08-25 11:10:03 -05:00
Joakim Erdfelt ca95d3f222
Provides transitive vulnerable dependency maven:io.netty:netty-codec:4.1.58.Final 
CVE-2021-37136 7.5 Uncontrolled Resource Consumption vulnerability pending CVSS allocation
CVE-2021-37137 7.5 Uncontrolled Resource Consumption vulnerability pending CVSS allocation
CVE-2022-41915 6.5 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') vulnerability pending CVSS allocation
 2023-08-25 11:03:28 -05:00
Olivier Lamy ff2e36e239
Jetty 12.0.x fix cache issue with maven invoker (#10393) 
---------

Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-08-25 01:34:41 +02:00
Simone Bordet 8d997cef74
Merged branch 'jetty-11.0.x' into 'jetty-12.0.x'. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-08-24 18:37:42 +02:00
Simone Bordet 90aa433f32
Merged branch 'jetty-10.0.x' into 'jetty-11.0.x'. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-08-24 18:37:00 +02:00
Simone Bordet 3a85b66ee4
Updated JaCoCo to 0.8.10 to support Java 21. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-08-24 18:36:29 +02:00
Simone Bordet a3e58c07b7
Commented out maven source plugin execution "jar-no-fork" because it breaks the jetty documentation extensions module. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-08-24 16:19:27 +02:00
Olivier Lamy b90cc1627d
Merge branch 'jetty-11.0.x' into jetty-12.0.x-merge-from-11.0.x 2023-08-24 20:23:16 +10:00
Olivier Lamy 1309c65291
Merge branch 'jetty-10.0.x' into jetty-11.0.x 2023-08-24 20:20:11 +10:00
Olivier Lamy 6588cc8a11
Merge branch 'jetty-10.0.x' into jetty-11.0.x 2023-08-24 18:47:19 +10:00
dependabot[bot] c40989d06a
Bump org.jboss.logmanager:jboss-logmanager 
Bumps [org.jboss.logmanager:jboss-logmanager](https://github.com/jboss-logging/jboss-logmanager) from 3.0.1.Final to 3.0.2.Final.
- [Release notes](https://github.com/jboss-logging/jboss-logmanager/releases)
- [Commits](https://github.com/jboss-logging/jboss-logmanager/compare/3.0.1.Final...3.0.2.Final)

---
updated-dependencies:
- dependency-name: org.jboss.logmanager:jboss-logmanager
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-24 08:25:01 +00:00
Olivier Lamy 8b6f5a90ba
Merge branch 'jetty-10.0.x' into jetty-11.0.x 2023-08-24 15:14:52 +10:00
dependabot[bot] 4d56e7d010
Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.3.0 to 3.4.0 
Bumps [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.3.0...enforcer-3.4.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-24 05:13:47 +00:00
Olivier Lamy 7b35e50635
Merge branch 'jetty-10.0.x' into jetty-11.0.x 2023-08-24 13:50:55 +10:00
dependabot[bot] 91eb1a4dd5
Bump ant.version from 1.10.13 to 1.10.14 
Bumps `ant.version` from 1.10.13 to 1.10.14.

Updates `org.apache.ant:ant` from 1.10.13 to 1.10.14

Updates `org.apache.ant:ant-launcher` from 1.10.13 to 1.10.14

---
updated-dependencies:
- dependency-name: org.apache.ant:ant
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.ant:ant-launcher
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-24 03:42:45 +00:00
Olivier Lamy 9c3ac43cc1
Merge branch 'jetty-10.0.x' into jetty-11.0.x 2023-08-24 11:47:29 +10:00
dependabot[bot] 1a094b9e9c
Bump org.testcontainers:testcontainers-bom from 1.18.3 to 1.19.0 
Bumps [org.testcontainers:testcontainers-bom](https://github.com/testcontainers/testcontainers-java) from 1.18.3 to 1.19.0.
- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)
- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/testcontainers/testcontainers-java/compare/1.18.3...1.19.0)

---
updated-dependencies:
- dependency-name: org.testcontainers:testcontainers-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-24 01:25:14 +00:00
dependabot[bot] 21a16bdd01
Bump org.asciidoctor:asciidoctorj-diagram from 2.2.10 to 2.2.11 
Bumps [org.asciidoctor:asciidoctorj-diagram](https://github.com/asciidoctor/asciidoctorj-diagram) from 2.2.10 to 2.2.11.
- [Release notes](https://github.com/asciidoctor/asciidoctorj-diagram/releases)
- [Commits](https://github.com/asciidoctor/asciidoctorj-diagram/compare/v2.2.10...v2.2.11)

---
updated-dependencies:
- dependency-name: org.asciidoctor:asciidoctorj-diagram
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-23 23:39:30 +00:00
Simone Bordet 7f1d262aee
Merged branch 'jetty-11.0.x' into 'jetty-12.0.x'. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-08-23 15:47:15 +02:00
Simone Bordet 9efe3a113a
Merged branch 'jetty-10.0.x' into 'jetty-11.0.x'. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-08-23 13:43:48 +02:00
Simone Bordet 153f5dfae8 Fixes #10350 - Support Java 21 virtual threads 
* Introduced module `threadpool-virtual` for Java 21.
* Updated virtual threads documentation to refer to Java 21.
* Updated requirements that the releases should use Java 21, so that the documentation can properly render the virtual threads documentation.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-08-23 11:58:24 +02:00
Olivier Lamy 97e1527ed6
Jetty 12.0.x use Maven build cache for PRs and branches except jetty-12.0.x main branch (#9871) 
* apply configuration/changes for build cache

Signed-off-by: Olivier Lamy <olamy@apache.org>

Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-08-22 02:46:46 +02:00
Simone Bordet 4c9679c5b3
Merged branch 'jetty-11.0.x' into 'jetty-12.0.x'. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-08-17 17:14:59 +02:00
Simone Bordet 939f1362f6
Merged branch 'jetty-10.0.x' into 'jetty-11.0.x'. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-08-17 17:02:13 +02:00