Skip to content
6b67c57
Compare
Choose a tag to compare

End of Life Notice

  • #7958 - Jetty 9.4.x is now at End of Community Support. (See issue for details)

Critical Fix

  • #8184 - All suffix globs except first fail to match if path has . character in prefix section
5848731
Compare
Choose a tag to compare

Special Thanks to the following Eclipse Jetty community members

Critical Fix

  • #8184 - All suffix globs except first fail to match if path has . character in prefix section

Changelog

  • #8187 - Fix test-distribution classpath re resolver (@cstamas)
  • #8175 - Removing invalid maxConnections references
  • #8163 - RegexPathSpec documentation and MatchedPath improvements
  • #8162 - Migrate code from jetty-util Logger to slf4j Logger
  • #8161 - Improve SSLConnection buffers handling
  • #8155 - Use static exceptions for closing websocket flushers and in ContentProducer
d988aa0
Compare
Choose a tag to compare

Special Thanks to the following Eclipse Jetty community members

Critical Fix

  • #8184 - All suffix globs except first fail to match if path has . character in prefix section

Changelog

  • #8187 - Fix test-distribution classpath re resolver (@cstamas)
  • #8175 - Removing invalid maxConnections references
  • #8163 - RegexPathSpec documentation and MatchedPath improvements
  • #8162 - Migrate code from jetty-util Logger to slf4j Logger
  • #8161 - Improve SSLConnection buffers handling
  • #8155 - Use static exceptions for closing websocket flushers and in ContentProducer
d21dded
Compare
Choose a tag to compare

Fixed Security Advisories

Special Thanks to the following Eclipse Jetty community members

Changelog

  • #8161 - Improve SSLConnection buffers handling (Resolves CVE-2022-2191)
  • #8134 - Improve cleanup of deflater/inflater pools for PerMessageDeflateExtension
  • #8088 - Add option to configure exitVm on ShutdownMonitor from System properties
  • #8067 - Wall time usage in DoSFilter RateTracker results in false positive alert
  • #8057 - Support Http Response 103 (Early Hints)
  • #8014 - Review HttpRequest URI construction (Resolves CVE-2022-2047)
  • #8008 - Add compliance mode for LEGACY multipart parser in Jetty
  • #7994 - Ability to construct a detached client Request
  • #7991 - fix bom for jetty-cdi
  • #7981 - Add TRANSFER_ENCODING violation for MultiPart RFC7578 parser.
  • #7977 - UpgradeHttpServletRequest.setAttribute & UpgradeHttpServletRequest.removeAttribute can throw NullPointerException
  • #7975 - ForwardedRequestCustomizer setters do not clear existing handlers
  • #7953 - Fix StatisticsHandler in the case a Handler throws exception.
  • #7935 - Review HTTP/2 error handling (Resolves CVE-2022-2048)
  • #7929 - Correct requestlog formatString commented default (@prenagha)
  • #7924 - Fix a typo in Javadoc (@jianglai)
  • #7918 - PathMappings.asPathSpec does not allow root ServletPathSpec
  • #7891 - Better Servlet PathMappings for Regex
  • #7880 - DefaultServlet should not overwrite programmatically configured precompressed formats with defaults (@markslater)
  • #7863 - Default servlet drops first accept-encoding header if there is more than one. (@markslater)
  • #7858 - GZipHandler does not play nice with other handlers in HandlerCollection
  • #7818 - Modifying of HTTP headers in HttpChannel.Listener#onResponseBegin is no longer possible with Jetty
  • #7803 - unwrap exception until we get the first non ServletException, as this can be wrap of wrap of wrap when using ContextHandlerCollection
  • #7802 - HTTP/3 QPACK - do not expect section ack for zero required insert count
  • #7754 - jetty.sh ignores JAVA_OPTIONS environment variable
  • #7748 - Allow overriding of url-pattern mapping in ServletContextHandler to allow for regex or uri-template matching
  • #7635 - QPACK decoder should fail connection if the encoder blocks more than SETTINGS_QPACK_BLOCKED_STREAMS
  • #4414 - GZipHandler not excluding inflation for specified paths
  • #1771 - Add module for SecuredRedirect support

Dependencies

  • #8083 - Bump asciidoctorj to 2.5.4
  • #8077 - Bump asciidoctorj-diagram to 2.2.3
  • #7839 - Bump asm.version to 9.3
  • #8142 - Bump biz.aQute.bndlib to 6.3.1
  • #8075 - Bump checkstyle to 10.3
  • #8056 - Bump error_prone_annotations to 2.14.0
  • #8109 - Bump google-cloud-datastore to 2.7.0
  • #8100 - Bump grpc-core to 1.47.0
  • #7987 - Bump hawtio-default to 2.15.0
  • #7934 - Bump hazelcast.version to 4.2.5
  • #8003 - Bump jackson-annotations to 2.13.3
  • #8004 - Bump jackson-core to 2.13.3
  • #7997 - Bump jackson-databind to 2.13.3
  • #7849 - Bump jacoco-maven-plugin to 0.8.8
  • #7830 - Bump jakarta.annotation-api to 2.1.0
  • #7913 - Bump jakarta.ws.rs-api to 3.1.0
  • #7937 - Bump jboss-logging to 3.5.0.Final
  • #7815 - Bump jnr-ffi to 2.2.12
  • #7967 - Bump kerb-simplekdc to 2.0.2
  • #8029 - Bump logback-core to 1.3.0-alpha16
  • #8064 - Bump mariadb-java-client to 3.0.5
  • #7908 - Bump maven-antrun-plugin to 3.1.0
  • #8001 - Bump maven-bundle-plugin to 5.1.6
  • #7843 - Bump maven-clean-plugin to 3.2.0
  • #8080 - Bump maven-invoker-plugin to 3.3.0
  • #7902 - Bump maven-javadoc-plugin to 3.4.0
  • #8079 - Bump maven-scm-provider-jgit to 1.13.0
  • #7904 - Bump maven-site-plugin to 3.12.0
  • #7900 - Bump maven.resolver.version to 1.8.0
  • #7915 - Bump mongo-java-driver to 3.12.11
  • #8108 - Bump openwebbeans.version to 2.0.27
  • #7877 - Bump org.apache.aries.spifly.dynamic.bundle to 1.3.5
  • #8123 - Bump org.apache.felix.framework to 7.0.5
  • #8019 - Bump plexus-utils to 3.4.2
  • #7944 - Bump protostream to 4.4.3.Final
  • #8030 - Bump spotbugs-maven-plugin to 4.7.0.0
  • #8031 - Bump testcontainers-bom to 1.17.2
  • #7972 - Bump tycho-p2-repository-plugin to 2.7.3
  • #8038 - Bump versions-maven-plugin to 2.11.0
de73e94
Compare
Choose a tag to compare

Fixed Security Advisories

Special Thanks to the following Eclipse Jetty community members

Changelog

  • #8161 - Improve SSLConnection buffers handling (Resolves CVE-2022-2191)
  • #8136 - Cherry-pick of Improvements to PathSpec for Jetty 10.0.x
  • #8134 - Improve cleanup of deflater/inflater pools for PerMessageDeflateExtension
  • #8088 - Add option to configure exitVm on ShutdownMonitor from System properties
  • #8067 - Wall time usage in DoSFilter RateTracker results in false positive alert
  • #8057 - Support Http Response 103 (Early Hints)
  • #8014 - Review HttpRequest URI construction (Resolves CVE-2022-2047)
  • #8008 - Add compliance mode for LEGACY multipart parser in Jetty 10+
  • #7994 - Ability to construct a detached client Request
  • #7981 - Add TRANSFER_ENCODING violation for MultiPart RFC7578 parser.
  • #7977 - UpgradeHttpServletRequest.setAttribute & UpgradeHttpServletRequest.removeAttribute can throw NullPointerException
  • #7975 - ForwardedRequestCustomizer setters do not clear existing handlers
  • #7953 - Fix StatisticsHandler in the case a Handler throws exception.
  • #7935 - Review HTTP/2 error handling (Resolves CVE-2022-2048)
  • #7929 - Correct requestlog formatString commented default (@prenagha)
  • #7924 - Fix a typo in Javadoc (@jianglai)
  • #7918 - PathMappings.asPathSpec does not allow root ServletPathSpec
  • #7891 - Better Servlet PathMappings for Regex
  • #7880 - DefaultServlet should not overwrite programmatically configured precompressed formats with defaults (@markslater)
  • #7863 - Default servlet drops first accept-encoding header if there is more than one. (@markslater)
  • #7858 - GZipHandler does not play nice with other handlers in HandlerCollection
  • #7818 - Modifying of HTTP headers in HttpChannel.Listener#onResponseBegin is no longer possible with Jetty 10
  • #7808 - Jetty duplicate set session cookie
  • #7802 - HTTP/3 QPACK - do not expect section ack for zero required insert count
  • #7754 - jetty.sh ignores JAVA_OPTIONS environment variable
  • #7748 - Allow overriding of url-pattern mapping in ServletContextHandler to allow for regex or uri-template matching
  • #7635 - QPACK decoder should fail connection if the encoder blocks more than SETTINGS_QPACK_BLOCKED_STREAMS
  • #4414 - GZipHandler not excluding inflation for specified paths
  • #1771 - Add module for SecuredRedirect support

Dependencies

  • #8083 - Bump asciidoctorj to 2.5.4
  • #8077 - Bump asciidoctorj-diagram to 2.2.3
  • #7839 - Bump asm.version to 9.3
  • #8142 - Bump biz.aQute.bndlib to 6.3.1
  • #8075 - Bump checkstyle to 10.3
  • #8056 - Bump error_prone_annotations to 2.14.0
  • #8109 - Bump google-cloud-datastore to 2.7.0
  • #8100 - Bump grpc-core to 1.47.0
  • #7987 - Bump hawtio-default to 2.15.0
  • #7934 - Bump hazelcast.version to 4.2.5
  • #8003 - Bump jackson-annotations to 2.13.3
  • #8004 - Bump jackson-core to 2.13.3
  • #7849 - Bump jacoco-maven-plugin to 0.8.8
  • #7937 - Bump jboss-logging to 3.5.0.Final
  • #7815 - Bump jnr-ffi to 2.2.12
  • #7967 - Bump kerb-simplekdc to 2.0.2
  • #8029 - Bump logback-core to 1.3.0-alpha16
  • #8064 - Bump mariadb-java-client to 3.0.5
  • #7908 - Bump maven-antrun-plugin to 3.1.0
  • #8001 - Bump maven-bundle-plugin to 5.1.6
  • #7843 - Bump maven-clean-plugin to 3.2.0
  • #8080 - Bump maven-invoker-plugin to 3.3.0
  • #7902 - Bump maven-javadoc-plugin to 3.4.0
  • #8079 - Bump maven-scm-provider-jgit to 1.13.0
  • #7904 - Bump maven-site-plugin to 3.12.0
  • #7900 - Bump maven.resolver.version to 1.8.0
  • #7915 - Bump mongo-java-driver to 3.12.11
  • #8108 - Bump openwebbeans.version to 2.0.27
  • #7877 - Bump org.apache.aries.spifly.dynamic.bundle to 1.3.5
  • #8123 - Bump org.apache.felix.framework to 7.0.5
  • #8019 - Bump plexus-utils to 3.4.2
  • #7859 - Bump protostream to 4.4.2.Final
  • #8030 - Bump spotbugs-maven-plugin to 4.7.0.0
  • #8031 - Bump testcontainers-bom to 1.17.2
  • #7972 - Bump tycho-p2-repository-plugin to 2.7.3
  • #8038 - Bump versions-maven-plugin to 2.11.0

Fixed Security Advisories

Important

  • #7958 - Jetty 9.4.x is now at End of Community Support. (See issue for details)

Changelog

  • #8145 - RegexPathSpec backport of optional group name/info lookup if regex fails
  • #8088 - Add option to configure exitVm on ShutdownMonitor from System properties
  • #8067 - Wall time usage in DoSFilter RateTracker results in false positive alert
  • #8014 - Review HttpRequest URI construction (Resolves CVE-2022-2047)
  • #7976 - Add TRANSFER_ENCODING violation for MultiPart RFC7578 parser.
  • #7947 - Improved PathSpec handling for servletName & pathInfo
  • #7935 - Review HTTP/2 error handling (Resolves CVE-2022-2048)
  • #7918 - PathMappings.asPathSpec does not allow root ServletPathSpec
  • #7863 - Default servlet drops first accept-encoding header if there is more than one.
  • #7858 - GZipHandler does not play nice with other handlers in HandlerCollection
  • #7837 - Fix StatisticsHandler in the case a Handler throws exception.
  • #7809 - Jetty 9.4.x 7801 duplicate set session cookies
  • #7748 - Allow overriding of url-pattern mapping in ServletContextHandler to allow for regex or uri-template matching

Dependencies

  • #8076 - Bump asciidoctorj-diagram to 2.2.3
  • #7840 - Bump asm.version to 9.3
  • #8143 - Bump biz.aQute.bndlib to 6.3.1
  • #8055 - Bump error_prone_annotations to 2.14.0
  • #8110 - Bump google-cloud-datastore to 2.7.0
  • #8098 - Bump grpc-core to 1.47.0
  • #7988 - Bump hawtio-default to 2.15.0
  • #7999 - Bump jackson-annotations to 2.13.3
  • #8000 - Bump jackson-core to 2.13.3
  • #8002 - Bump jackson-databind to 2.13.3
  • #7846 - Bump jacoco-maven-plugin to 0.8.8
  • #7816 - Bump jnr-ffi to 2.2.12
  • #7968 - Bump kerb-simplekdc to 2.0.2
  • #8060 - Bump mariadb-java-client to 3.0.5
  • #7909 - Bump maven-antrun-plugin to 3.1.0
  • #7841 - Bump maven-clean-plugin to 3.2.0
  • #8078 - Bump maven-invoker-plugin to 3.3.0
  • #7903 - Bump maven-site-plugin to 3.12.0
  • #7901 - Bump maven.resolver.version to 1.8.0
  • #8128 - Bump maven.surefire.plugin.version to 3.0.0-M7
  • #7957 - Bump mongo-java-driver to 2.14.3
  • #8107 - Bump openwebbeans.version to 2.0.27
  • #7878 - Bump org.apache.aries.spifly.dynamic.bundle to 1.3.5
  • #8121 - Bump org.apache.felix.framework to 7.0.5
  • #8018 - Bump plexus-utils to 3.4.2
  • #7926 - Bump protostream to 4.4.3.Final
  • #8027 - Bump spotbugs-maven-plugin to 4.7.0.0
  • #8028 - Bump testcontainers.version to 1.17.2
  • #8039 - Bump versions-maven-plugin to 2.11.0

Special Thanks to the following Eclipse Jetty community members

Changelog

  • #7771 - Clarify WebSocketUpgradeFilter.addMapping() method usage
  • #7615 - HttpServletResponse.encodeURL not working for URLs starting with ../
  • #7599 - Honor parameters order when parsing query and form parameters (@jebeaudet)
  • #7569 - Miconfigured headerCacheSize in can result in IllegalArgumentException
  • #7567 - Gzip compression not working for multipart/form-data when added to the allowed list using addIncludedMimeTypes.
  • #7548 - Interrupt flag is not always cleared in between requests
  • #7518 - ArrayTrie getBest fails to match the empty string entry in certain cases
  • #7516 - Fix log class name in ArrayByteBufferPool (@slovdahl)
  • #7496 - Transient 400: Bad Request responses
  • #7480 - remove duplicated dependencies and upgrade to last spring 3.2.x
  • #7271 - It is necessary to set MAX_CAPACITY to ArrayTernaryTrie/ArrayTrie
  • #6756 - Deprecate jetty-spring sub-project
  • #5965 - Option --write-module-graph produces wrong .dot file

Dependencies

  • #7500 - Bump asciidoctor-maven-plugin to 2.2.2
  • #7706 - Bump awaitility to 4.2.0
  • #7501 - Bump checkstyle to 9.3
  • #7449 - Bump error_prone_annotations to 2.11.0
  • #7744 - Bump google-cloud-datastore to 2.2.9
  • #7805 - Bump grpc-core to 1.45.1
  • #7583 - Bump gson to 2.9.0
  • #7680 - Bump guava to 31.1-jre
  • #7445 - Bump guice to 5.1.0
  • #7560 - Bump hawtio-default to 2.14.5
  • #7582 - Bump infinispan.version to 11.0.15.Final
  • #7707 - Bump jackson-annotations to 2.13.2
  • #7699 - Bump jackson-core to 2.13.2
  • #7798 - Bump jackson-databind to 2.13.2.2
  • #7796 - Bump jmh.version to 1.35
  • #7790 - Bump jna to 5.11.0
  • #6920 - Bump jolokia-war to 1.7.1
  • #7590 - Bump json-smart to 2.4.8
  • #7705 - Bump logback.version to 1.2.11
  • #7792 - Bump mariadb-java-client to 3.0.4
  • #7727 - Bump maven-compiler-plugin to 3.10.1
  • #7737 - Bump maven-dependency-plugin to 3.3.0
  • #7542 - Bump maven-project-info-reports-plugin to 3.2.1
  • #7612 - Bump maven-site-plugin to 3.11.0
  • #7550 - Bump openwebbeans.version to 2.0.26
  • #7746 - Bump org.eclipse.osgi to 3.17.200
  • #7553 - Bump osgi.annotation to 8.1.0
  • #7779 - Bump spotbugs-maven-plugin to 4.6.0.0
  • #6756 - Bump spring-beans to 5.3.18
  • #7743 - Bump versions-maven-plugin to 2.10.0
  • #7622 - Bump weld-servlet-core to 3.1.9.Final
  • #7708 - Bump wildfly-common to 1.6.0.Final
  • #7756 - Bump wildfly-elytron to 1.19.0.Final
  • #7435 - Investigate Infinispan transitive dependencies
Compare
Choose a tag to compare

Special Thanks to the following Eclipse Jetty community members

Changelog

  • #7748 - Allow overriding of url-pattern mapping in ServletContextHandler to allow for regex or uri-template matching
  • #7677 - jetty-maven-plugin - maven internal dependencies included on webapp classloader
  • #7657 - Remove unused test imports in jetty-nosql
  • #7655 - Remove unused imports in jetty-gcloud
  • #7633 - Make osgi build work with snapshot jsp jars
  • #7625 - HTTP/3 error against www.google.com
  • #7617 - Logback-access RequestLog not working
  • #7615 - HttpServletResponse.encodeURL not working for URLs starting with ../
  • #7613 - Configurations.add(Configuration) results in UnsupportedOperationException
  • #7605 - Honor parameters order when parsing query and form parameters
  • #7575 - Misleading docs for HttpClientTransportDynamic
  • #7574 - Turn off peer cerificate verification for quic-server by default (@sunng87)
  • #7573 - WebSockets - "Unsupported PathParam Type: java.lang.Integer"
  • #7567 - Gzip compression not working for multipart/form-data when added to the allowed list using addIncludedMimeTypes.
  • #7548 - Interrupt flag is not always cleared in between requests
  • #7547 - Fix typo in java doc (@kaiyuezhou)
  • #7545 - Named arguments do not work in jetty-openid.xml
  • #7544 - Add option to allow well-known directories to be listed.
  • #7524 - Missing package in JmxConfiguration
  • #7523 - Typo in AnnotationConfiguration
  • #7517 - Some ArrayTrie methods throw StackOverflowError when cointaining a very large entry
  • #7514 - Adding InheritedListeners to already-started components can cause IllegalStateException
  • #7513 - Getter/setter type mismatch for mbean attribute file in class org.eclipse.jetty.deploy.PropertiesConfigurationManager
  • #7496 - Transient 400: Bad Request responses
  • #7430 - Run WebSocket Autobahn test for all Jetty, Javax and Core APIs
  • #7414 - QoSFilter.setMaxRequests throws NullPointerException
  • #7344 - Incompatible with jacoco due to shutdown race condition
  • #7182 - jetty.sh start process should remove jetty_state whenever deleting the pid (@ianrifkin)
  • #6879 - Remove jminix (not maintained) module as hawtio provide same features
  • #6282 - SecuredRedirectHandler should probably redirect with 301 (@dellgreen)
  • #6017 - Property overriding does not work
  • #5965 - Option --write-module-graph produces wrong .dot file
  • #5681 - Unrecognized jetty-home/start.jar command line option not reported clearly

Dependencies

  • #7498 - Bump asciidoctor-maven-plugin to 2.2.2
  • #7695 - Bump awaitility to 4.2.0
  • #7762 - Bump google-cloud-datastore to 2.2.9
  • #7733 - Bump grpc-core to 1.45.0
  • #7696 - Bump jackson-annotations to 2.13.2
  • #7697 - Bump jackson-core to 2.13.2
  • #7785 - Bump jackson-databind to 2.13.2.1
  • #7491 - Bump jakarta.inject-api to 2.0.1
  • #7788 - Bump jna-jpms to 5.11.0
  • #7487 - Bump jsp.impl.version to 10.0.14
  • #7589 - Bump logback-core to 1.3.0-alpha14
  • #7787 - Bump mariadb-java-client to 3.0.4
  • #7735 - Bump maven-compiler-plugin to 3.10.1
  • #7734 - Bump maven-dependency-plugin to 3.3.0
  • #7761 - Bump maven-jxr-plugin to 3.2.0
  • #7540 - Bump maven-project-info-reports-plugin to 3.2.1
  • #7620 - Bump maven-site-plugin to 3.11.0
  • #7759 - Bump org.eclipse.osgi to 3.17.200
  • #7758 - Bump versions-maven-plugin to 2.10.0
  • #7760 - Bump wildfly-elytron to 1.19.0.Final
  • #7495 - remove unsupported modules
Compare
Choose a tag to compare

Special Thanks to the following Eclipse Jetty community members

Changelog

  • #7748 - Allow overriding of url-pattern mapping in ServletContextHandler to allow for regex or uri-template matching
  • #7677 - jetty-maven-plugin - maven internal dependencies included on webapp classloader
  • #7657 - Remove unused test imports in jetty-nosql
  • #7655 - Remove unused imports in jetty-gcloud
  • #7633 - Make osgi build work with snapshot jsp jars
  • #7625 - HTTP/3 error against www.google.com
  • #7617 - Logback-access RequestLog not working
  • #7615 - HttpServletResponse.encodeURL not working for URLs starting with ../
  • #7613 - Configurations.add(Configuration) results in UnsupportedOperationException
  • #7605 - Honor parameters order when parsing query and form parameters
  • #7575 - Misleading docs for HttpClientTransportDynamic
  • #7574 - Turn off peer cerificate verification for quic-server by default (@sunng87)
  • #7573 - WebSockets - "Unsupported PathParam Type: java.lang.Integer"
  • #7567 - Gzip compression not working for multipart/form-data when added to the allowed list using addIncludedMimeTypes.
  • #7548 - Interrupt flag is not always cleared in between requests
  • #7547 - Fix typo in java doc (@kaiyuezhou)
  • #7545 - Named arguments do not work in jetty-openid.xml
  • #7544 - Add option to allow well-known directories to be listed.
  • #7524 - Missing package in JmxConfiguration
  • #7523 - Typo in AnnotationConfiguration
  • #7517 - Some ArrayTrie methods throw StackOverflowError when cointaining a very large entry
  • #7514 - Adding InheritedListeners to already-started components can cause IllegalStateException
  • #7513 - Getter/setter type mismatch for mbean attribute file in class org.eclipse.jetty.deploy.PropertiesConfigurationManager
  • #7496 - Transient 400: Bad Request responses
  • #7414 - QoSFilter.setMaxRequests throws NullPointerException
  • #7344 - Incompatible with jacoco due to shutdown race condition
  • #7182 - jetty.sh start process should remove jetty_state whenever deleting the pid (@ianrifkin)
  • #6879 - Remove jminix (not maintained) module as hawtio provide same features
  • #6282 - SecuredRedirectHandler should probably redirect with 301 (@dellgreen)
  • #6017 - Property overriding does not work
  • #5965 - Option --write-module-graph produces wrong .dot file
  • #5681 - Unrecognized jetty-home/start.jar command line option not reported clearly

Dependencies

  • #7499 - Bump asciidoctor-maven-plugin to 2.2.2
  • #7703 - Bump awaitility to 4.2.0
  • #7502 - Bump checkstyle to 9.3
  • #7470 - Bump error_prone_annotations to 2.11.0
  • #7741 - Bump google-cloud-datastore to 2.2.9
  • #7804 - Bump grpc-core to 1.45.1
  • #7587 - Bump gson to 2.9.0
  • #7679 - Bump guava to 31.1-jre
  • #7447 - Bump guice to 5.1.0
  • #7559 - Bump hawtio-default to 2.14.5
  • #7591 - Bump infinispan-bom to 11.0.15.Final
  • #7702 - Bump jackson-annotations to 2.13.2
  • #7704 - Bump jackson-core to 2.13.2
  • #7799 - Bump jackson-databind to 2.13.2.2
  • #7678 - Bump jetty-quiche-native to 0.12.0
  • #7797 - Bump jmh.version to 1.35
  • #7793 - Bump jna-jpms to 5.11.0
  • #6907 - Bump jolokia-war to 1.7.1
  • #7581 - Bump json-smart to 2.4.8
  • #7670 - Bump log4j-api to 2.17.2
  • #7585 - Bump logback-core to 1.3.0-alpha14
  • #7789 - Bump mariadb-java-client to 3.0.4
  • #7725 - Bump maven-compiler-plugin to 3.10.1
  • #7739 - Bump maven-dependency-plugin to 3.3.0
  • #7568 - Bump maven-javadoc-plugin to 3.3.2
  • #7755 - Bump maven-jxr-plugin to 3.2.0
  • #7416 - Bump maven-plugin-plugin to 3.6.4
  • #7543 - Bump maven-project-info-reports-plugin to 3.2.1
  • #7610 - Bump maven-site-plugin to 3.11.0
  • #7549 - Bump openwebbeans.version to 2.0.26
  • #7745 - Bump org.eclipse.osgi to 3.17.200
  • #7552 - Bump osgi.annotation to 8.1.0
  • #7555 - Bump slf4j to 2.0.0-alpha6 (@joschi)
  • #7780 - Bump spotbugs-maven-plugin to 4.6.0.0
  • #7669 - Bump tycho-p2-repository-plugin to 2.7.0
  • #7438 - Bump versions-maven-plugin to 2.9.0
  • #7602 - Bump weld-servlet-core to 3.1.9.Final
  • #7709 - Bump wildfly-common to 1.6.0.Final
  • #7757 - Bump wildfly-elytron to 1.19.0.Final
  • #7435 - Investigate Infinispan transitive dependencies
  • #7529 - Upgrade quiche to version 0.11.0
79cc9cf
Compare
Choose a tag to compare

Special Thanks to the following Eclipse Jetty community members

Changelog

  • #7524 - Missing package in JmxConfiguration
  • #7523 - Typo in AnnotationConfiguration
  • #7514 - Adding InheritedListeners to already-started components can cause IllegalStateException
  • #7430 - Run WebSocket Autobahn test for all Jetty, Javax and Core APIs
  • #7419 - Update resource base example so it works (@Artur-)
  • #7417 - Clarify that requestHeaderSize is a cumulative limit (@mszabo-wikia)
  • #7375 - Some environments require Request scoping during session save
  • #7369 - Document CustomRequestLog
  • #7361 - Fix resource leaks in PropertyUserStore, XmlConfiguraiton, and start.jar (@lujiefsi)
  • #7351 - Large WebSocket payloads with permessage-deflate hang on 10.0.7
  • #7348 - Slow CONNECT request causes NPE
  • #7327 - jetty-slf4j-impl missing from BOM
  • #7313 - addBean(_attributes); only called in the Convenience constructor of org.eclipse.jetty.server.Server
  • #7299 - Enabling the logging-logback module prevents eclipse remote debugging
  • #7297 - Deprecate log4j 1.x support
  • #7294 - Fix possible NPE from WebSocketAdapter
  • #7277 - Allow override of ServletRequest.getLocalName() and .getLocalPort() in post-intermediary scenarios
  • #7262 - Allow the SerlvetHandler.getFilterChain method to be overridden.
  • #7240 - Clarify and javadoc InvocationType
  • #7160 - HttpURI considers %25 to be ambiguous, preventing access to static resources with % in their name
  • #7132 - Tidy up demo webapps
  • #7131 - Use Charset instead of encoding string where possible
  • #7124 - Add default methods on LifeCycle.Listener interface
  • #7111 - Add support to deprecate jetty-home modules
  • #7109 - Deprecate UnixSocket JNR support
  • #7103 - Rework LaF of distro landing page
  • #7086 - WebSocket: java.lang.IllegalStateException: already released RetainableByteBuffer
  • #7064 - Cleanup or clarify (null) in output of --list-config
  • #7063 - Simplify command line use of org.eclipse.jetty.util.Password
  • #7062 - test-keystore.p12 is no longer packaged in jetty-home
  • #7059 - NPE in AllowedResourceAliasChecker.getPath()
  • #7042 - Simplify configuration to use different OpenIdConfiguration per webapp.
  • #7031 - ResponseWriter.println(char) does not print newline
  • #7008 - Problem with jetty.sh start regression 10.0.6 -> 10.0.7 when using JETTY_USER
  • #6987 - jetty-unixdomain-server is missing from jetty-bom (@markslater)
  • #6985 - ELContextCleaner references javax class in jetty-11
  • #6980 - ELContextCleaner failed because cannot access a member of class javax.el.BeanELResolver with modifiers "private static final"
  • #6973 - Jetty starts consuming CPU that remains high even without any traffic
  • #6965 - Expose Spec ServerContainer.upgrade() API
  • #6497 - Replace SameFileAliasChecker
  • #6282 - SecuredRedirectHandler should probably redirect with 301 (@dellgreen)
  • #6017 - Property overriding does not work
  • #4317 - EventSource does not work with GzipHandler
  • #4275 - Path Normalization/Traversal - Context Matching
  • #2690 - Clarify ordering, concurrency behavior of WebSocketListener and normal HTTP responses
  • #2504 - Expose more WebSocket details in JMX and Server Dump
  • #1087 - Support .well-known serving in handlers
  • #100 - Can't deploy web app as an unpacked directory inside a bundle JAR on Felix

Dependencies

  • #7529 - Upgrade quiche to version 0.11.0
  • #7520 - Bump google-cloud-datastore from 2.2.2 to 2.2.3
  • #7508 - Bump logback-core from 1.3.0-alpha12 to 1.3.0-alpha13
  • #7502 - Bump checkstyle from 9.2.1 to 9.3
  • #7499 - Bump asciidoctor-maven-plugin from 2.2.1 to 2.2.2
  • #7495 - remove unsupported modules
  • #7491 - Bump jakarta.inject-api from 2.0.0 to 2.0.1
  • #7487 - Bump jsp.impl.version from 10.0.10 to 10.0.14
  • #7470 - Bump error_prone_annotations from 2.10.0 to 2.11.0
  • #7462 - Bump grpc-core from 1.43.2 to 1.44.0
  • #7447 - Bump guice from 5.0.1 to 5.1.0
  • #7438 - Bump versions-maven-plugin from 2.8.1 to 2.9.0
  • #7435 - Investigate Infinispan transitive dependencies
  • #7433 - Bump tycho-p2-repository-plugin from 2.5.0 to 2.6.0
  • #7428 - Bump mariadb-java-client from 2.7.4 to 2.7.5
  • #7426 - Bump testcontainers-bom from 1.16.2 to 1.16.3
  • #7416 - Bump maven-plugin-plugin from 3.6.2 to 3.6.4
  • #7410 - Bump maven.plugin-tools.version from 3.6.2 to 3.6.4
  • #7402 - Bump jnr-unixsocket from 0.38.15 to 0.38.17
  • #7401 - Bump grpc-core from 1.43.1 to 1.43.2
  • #7399 - Bump maven-bundle-plugin from 5.1.3 to 5.1.4
  • #7397 - Bump hawtio-default from 2.14.3 to 2.14.4
  • #7385 - Bump build-helper-maven-plugin from 3.2.0 to 3.3.0
  • #7384 - Bump asciidoctorj from 2.5.2 to 2.5.3
  • #7383 - Bump maven-jar-plugin from 3.2.0 to 3.2.2
  • #7381 - Bump jboss-logging from 3.4.2.Final to 3.4.3.Final
  • #7379 - Bump google-cloud-datastore from 2.2.1 to 2.2.2
  • #7367 - Bump jnr-posix from 3.1.14 to 3.1.15
  • #7365 - Bump jnr-ffi from 2.2.10 to 2.2.11
  • #7362 - Bump jnr-enxio from 0.32.12 to 0.32.13
  • #7358 - Bump spotbugs-maven-plugin from 4.5.2.0 to 4.5.3.0
  • #7347 - Bump maven-scm-provider-jgit from 1.10.0 to 1.12.2
  • #7345 - Bump maven-deploy-plugin from 3.0.0-M1 to 3.0.0-M2
  • #7343 - Bump log4j-api from 2.17.0 to 2.17.1
  • #7340 - Bump checkstyle from 9.2 to 9.2.1
  • #7339 - Bump maven-site-plugin from 3.9.1 to 3.10.0
  • #7337 - Bump jmh.version from 1.33 to 1.34
  • #7334 - Bump logback-core from 1.3.0-alpha11 to 1.3.0-alpha12
  • #7333 - Bump plexus-component-annotations from 2.1.0 to 2.1.1
  • #7330 - Bump maven.resolver.version from 1.7.2 to 1.7.3
  • #7325 - Bump spotbugs-maven-plugin from 4.5.0.0 to 4.5.2.0
  • #7323 - Bump grpc-core from 1.43.0 to 1.43.1
  • #7322 - Bump hazelcast.version from 4.2.3 to 4.2.4
  • #7310 - Bump log4j-api from 2.16.0 to 2.17.0
  • #7309 - Bump hawtio-default from 2.14.2 to 2.14.3
  • #7306 - Bump openwebbeans.version from 2.0.24 to 2.0.25
  • #7303 - Bump log4j-api from 2.16.0 to 2.17.0
  • #7300 - Bump logback-core from 1.3.0-alpha10 to 1.3.0-alpha11
  • #7289 - Bump hazelcast.version from 4.2.2 to 4.2.3
  • #7288 - Bump grpc-core from 1.42.1 to 1.43.0
  • #7275 - Bump maven-bundle-plugin from 5.1.2 to 5.1.3
  • #7274 - Bump log4j-api from 2.15.0 to 2.16.0
  • #7265 - Bump hawtio-default from 2.14.1 to 2.14.2
  • #7256 - Bump log4j-api from 2.14.1 to 2.15.0
  • #7254 - Upgrade jackson-databind to 2.13.0
  • #7245 - Bump openwebbeans.version from 2.0.23 to 2.0.24
  • #7239 - Bump org.eclipse.osgi from 3.17.0 to 3.17.100
  • #7236 - Bump jnr-posix from 3.1.13 to 3.1.14
  • #7234 - Bump jnr-unixsocket from 0.38.14 to 0.38.15
  • #7233 - Bump httpcore from 4.4.14 to 4.4.15
  • #7224 - Bump org.apache.felix.framework from 7.0.1 to 7.0.3
  • #7214 - Bump google-cloud-datastore from 2.2.0 to 2.2.1
  • #7204 - Bump jnr-enxio from 0.32.11 to 0.32.12
  • #7196 - Bump jnr-posix from 3.1.12 to 3.1.13
  • #7194 - Bump jnr-unixsocket from 0.38.13 to 0.38.14
  • #7191 - Bump jnr-ffi from 2.2.9 to 2.2.10
  • #7179 - Bump checkstyle from 9.1 to 9.2
  • #7176 - Bump maven-plugin-plugin from 3.6.1 to 3.6.2
  • #7174 - Bump junit.version from 5.8.1 to 5.8.2
  • #7172 - Bump maven.plugin-tools.version from 3.6.1 to 3.6.2
  • #7154 - Bump jnr-unixsocket from 0.38.12 to 0.38.13
  • #7152 - Bump jnr-enxio from 0.32.10 to 0.32.11
  • #7151 - Bump jnr-posix from 3.1.11 to 3.1.12
  • #7144 - Bump maven.version from 3.8.3 to 3.8.4
  • #7135 - Bump spotbugs-maven-plugin from 4.4.2.2 to 4.5.0.0
  • #7128 - Bump google-cloud-datastore from 2.1.3 to 2.2.0
  • #7116 - Bump grpc-core from 1.42.0 to 1.42.1
  • #7089 - Bump jna from 5.9.0 to 5.10.0
  • #7084 - Bump error_prone_annotations from 2.9.0 to 2.10.0
  • #7082 - Bump grpc-core from 1.41.0 to 1.42.0
  • #7068 - Bump gson from 2.8.8 to 2.8.9
  • #7067 - Bump checkstyle from 9.0.1 to 9.1
  • #7045 - Bump h2spec-maven-plugin from 1.0.8 to 1.0.9
  • #7040 - Bump hawtio-default from 2.14.0 to 2.14.1
  • #7037 - Bump testcontainers-bom from 1.16.1 to 1.16.2
  • #7035 - Bump awaitility from 4.1.0 to 4.1.1
  • #7029 - Bump spotbugs-maven-plugin from 4.4.2.1 to 4.4.2.2
  • #7028 - Bump h2spec-maven-plugin from 1.0.7 to 1.0.8
  • #7024 - Bump google-cloud-datastore from 2.1.2 to 2.1.3
  • #7019 - Bump testcontainers-bom from 1.16.0 to 1.16.1
  • #7014 - Bump ant.version from 1.10.11 to 1.10.12
  • #7012 - Remove all old geronimo spec jars from jetty-10
  • #7007 - Bump spotbugs-maven-plugin from 4.4.2 to 4.4.2.1
  • #7006 - Bump jakarta.inject-api from 1.0.3 to 1.0.4
  • #6996 - Bump spotbugs-maven-plugin from 4.4.1 to 4.4.2
  • #6995 - Bump osgi.annotation from 8.0.0 to 8.0.1
  • #6954 - Bump maven.version from 3.8.2 to 3.8.3