Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump jetty.version from 10.0.15 to 10.0.16 #489

Merged
merged 1 commit into from
Aug 31, 2023
Merged

Bump jetty.version from 10.0.15 to 10.0.16 #489

merged 1 commit into from
Aug 31, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 31, 2023

Bumps jetty.version from 10.0.15 to 10.0.16.
Updates org.eclipse.jetty:jetty-server from 10.0.15 to 10.0.16

Release notes

Sourced from org.eclipse.jetty:jetty-server's releases.

10.0.16

Security Updates

Special Thanks to the following Eclipse Jetty community members

Changelog

  • #10397 - Iso88591StringBuilder.append seems to have a logic error
  • #10388 - Jetty10 inetaccess mod started error
  • #10329 - Various cleanups in HttpParser
  • #10271 - jetty.sh does not stop jetty anymore
  • #10211 - NPE in ArrayByteBufferPool.findOldestEntry()
  • #10176 - cleanups of DateCache
  • #10160 - Verify PROXY_AUTHENTICATION is sent to forward proxies
  • #10145 - WritePendingException over HTTP/2 tunnel
  • #10143 - Startup fails due to IllegalArgumentException: Comparison method violates its general contract
  • #10135 - Websocket: Using PerMessageDeflateExtension and flush in batchMode send FLUSH_FRAME to client.
  • #10105 - Document that Request objects are not reusable
  • #10086 - Revisiting ProxyConfiguration.getProxies()
  • #10066 - Allow SAXParserFactory or SAXParser to be configured in Jetty's XmlParser class - Allows for GHSA-58qw-p7qm-5rvh workaround
  • #9997 - No progress during Gzip Request Inflation results in bogus error
  • #9947 - Cannot invoke "org.eclipse.jetty.io.ManagedSelector.getTotalKeys()" because "selector" is null (@​strogiyotec)
  • #9938 - Bulletproof AbstractProxyServlet#destory() to make it easier to write (@​garydgregory)
  • #9895 - A MessageTooLargeException doesn't close a WebSocket connection
  • #9887 - Deprecate CGI Servlet
  • #9798 - review and cleanup of HTTP/3 QPACK Integer and String encoding
  • #9777 - CrossOriginFilter does not return Vary header on no-cors mode
  • #9761 - H3: Fix racy read from stream-less channel
  • #9749 - HTTP/2 improvements.
  • #9741 - Review of websocket parser, improve testing & comments.
  • #9728 - Fixes to QPACK configuration from SETTINGS frames.
  • #9715 - deprecate PushSessionCacheFilter
  • #9685 - Jetty doesn't set the date header on error responses
  • #9682 - RetainableByteBuffer buffer release bug in WebSocket
  • #9554 - Move (qpack/hpack) HuffmanDecoder / HuffmanEncoder / NBitInteger* to common location
  • #9476 - onCompleteFailure called multiple times
  • #8926 - HttpClient GZIPContentDecoder should remove Content-Length and Content-Encoding: gzip
  • #8556 - ServletContext.getSessionTimeout() incorrectly throws IllegalStateException
  • #8405 - Servlet 3.1 ReadListener.onAllDataRead() is called twice under h2 or h2c if the server doesn't respond within 30s
  • #7091 - Add SOCKS5 support (@​huisongma)
Commits

Updates org.eclipse.jetty:jetty-servlet from 10.0.15 to 10.0.16

Release notes

Sourced from org.eclipse.jetty:jetty-servlet's releases.

10.0.16

Security Updates

Special Thanks to the following Eclipse Jetty community members

Changelog

  • #10397 - Iso88591StringBuilder.append seems to have a logic error
  • #10388 - Jetty10 inetaccess mod started error
  • #10329 - Various cleanups in HttpParser
  • #10271 - jetty.sh does not stop jetty anymore
  • #10211 - NPE in ArrayByteBufferPool.findOldestEntry()
  • #10176 - cleanups of DateCache
  • #10160 - Verify PROXY_AUTHENTICATION is sent to forward proxies
  • #10145 - WritePendingException over HTTP/2 tunnel
  • #10143 - Startup fails due to IllegalArgumentException: Comparison method violates its general contract
  • #10135 - Websocket: Using PerMessageDeflateExtension and flush in batchMode send FLUSH_FRAME to client.
  • #10105 - Document that Request objects are not reusable
  • #10086 - Revisiting ProxyConfiguration.getProxies()
  • #10066 - Allow SAXParserFactory or SAXParser to be configured in Jetty's XmlParser class - Allows for GHSA-58qw-p7qm-5rvh workaround
  • #9997 - No progress during Gzip Request Inflation results in bogus error
  • #9947 - Cannot invoke "org.eclipse.jetty.io.ManagedSelector.getTotalKeys()" because "selector" is null (@​strogiyotec)
  • #9938 - Bulletproof AbstractProxyServlet#destory() to make it easier to write (@​garydgregory)
  • #9895 - A MessageTooLargeException doesn't close a WebSocket connection
  • #9887 - Deprecate CGI Servlet
  • #9798 - review and cleanup of HTTP/3 QPACK Integer and String encoding
  • #9777 - CrossOriginFilter does not return Vary header on no-cors mode
  • #9761 - H3: Fix racy read from stream-less channel
  • #9749 - HTTP/2 improvements.
  • #9741 - Review of websocket parser, improve testing & comments.
  • #9728 - Fixes to QPACK configuration from SETTINGS frames.
  • #9715 - deprecate PushSessionCacheFilter
  • #9685 - Jetty doesn't set the date header on error responses
  • #9682 - RetainableByteBuffer buffer release bug in WebSocket
  • #9554 - Move (qpack/hpack) HuffmanDecoder / HuffmanEncoder / NBitInteger* to common location
  • #9476 - onCompleteFailure called multiple times
  • #8926 - HttpClient GZIPContentDecoder should remove Content-Length and Content-Encoding: gzip
  • #8556 - ServletContext.getSessionTimeout() incorrectly throws IllegalStateException
  • #8405 - Servlet 3.1 ReadListener.onAllDataRead() is called twice under h2 or h2c if the server doesn't respond within 30s
  • #7091 - Add SOCKS5 support (@​huisongma)
Commits

Updates org.eclipse.jetty:jetty-util from 10.0.15 to 10.0.16

Release notes

Sourced from org.eclipse.jetty:jetty-util's releases.

10.0.16

Security Updates

Special Thanks to the following Eclipse Jetty community members

Changelog

  • #10397 - Iso88591StringBuilder.append seems to have a logic error
  • #10388 - Jetty10 inetaccess mod started error
  • #10329 - Various cleanups in HttpParser
  • #10271 - jetty.sh does not stop jetty anymore
  • #10211 - NPE in ArrayByteBufferPool.findOldestEntry()
  • #10176 - cleanups of DateCache
  • #10160 - Verify PROXY_AUTHENTICATION is sent to forward proxies
  • #10145 - WritePendingException over HTTP/2 tunnel
  • #10143 - Startup fails due to IllegalArgumentException: Comparison method violates its general contract
  • #10135 - Websocket: Using PerMessageDeflateExtension and flush in batchMode send FLUSH_FRAME to client.
  • #10105 - Document that Request objects are not reusable
  • #10086 - Revisiting ProxyConfiguration.getProxies()
  • #10066 - Allow SAXParserFactory or SAXParser to be configured in Jetty's XmlParser class - Allows for GHSA-58qw-p7qm-5rvh workaround
  • #9997 - No progress during Gzip Request Inflation results in bogus error
  • #9947 - Cannot invoke "org.eclipse.jetty.io.ManagedSelector.getTotalKeys()" because "selector" is null (@​strogiyotec)
  • #9938 - Bulletproof AbstractProxyServlet#destory() to make it easier to write (@​garydgregory)
  • #9895 - A MessageTooLargeException doesn't close a WebSocket connection
  • #9887 - Deprecate CGI Servlet
  • #9798 - review and cleanup of HTTP/3 QPACK Integer and String encoding
  • #9777 - CrossOriginFilter does not return Vary header on no-cors mode
  • #9761 - H3: Fix racy read from stream-less channel
  • #9749 - HTTP/2 improvements.
  • #9741 - Review of websocket parser, improve testing & comments.
  • #9728 - Fixes to QPACK configuration from SETTINGS frames.
  • #9715 - deprecate PushSessionCacheFilter
  • #9685 - Jetty doesn't set the date header on error responses
  • #9682 - RetainableByteBuffer buffer release bug in WebSocket
  • #9554 - Move (qpack/hpack) HuffmanDecoder / HuffmanEncoder / NBitInteger* to common location
  • #9476 - onCompleteFailure called multiple times
  • #8926 - HttpClient GZIPContentDecoder should remove Content-Length and Content-Encoding: gzip
  • #8556 - ServletContext.getSessionTimeout() incorrectly throws IllegalStateException
  • #8405 - Servlet 3.1 ReadListener.onAllDataRead() is called twice under h2 or h2c if the server doesn't respond within 30s
  • #7091 - Add SOCKS5 support (@​huisongma)
Commits

Updates org.eclipse.jetty:jetty-webapp from 10.0.15 to 10.0.16

Release notes

Sourced from org.eclipse.jetty:jetty-webapp's releases.

10.0.16

Security Updates

Special Thanks to the following Eclipse Jetty community members

Changelog

  • #10397 - Iso88591StringBuilder.append seems to have a logic error
  • #10388 - Jetty10 inetaccess mod started error
  • #10329 - Various cleanups in HttpParser
  • #10271 - jetty.sh does not stop jetty anymore
  • #10211 - NPE in ArrayByteBufferPool.findOldestEntry()
  • #10176 - cleanups of DateCache
  • #10160 - Verify PROXY_AUTHENTICATION is sent to forward proxies
  • #10145 - WritePendingException over HTTP/2 tunnel
  • #10143 - Startup fails due to IllegalArgumentException: Comparison method violates its general contract
  • #10135 - Websocket: Using PerMessageDeflateExtension and flush in batchMode send FLUSH_FRAME to client.
  • #10105 - Document that Request objects are not reusable
  • #10086 - Revisiting ProxyConfiguration.getProxies()
  • #10066 - Allow SAXParserFactory or SAXParser to be configured in Jetty's XmlParser class - Allows for GHSA-58qw-p7qm-5rvh workaround
  • #9997 - No progress during Gzip Request Inflation results in bogus error
  • #9947 - Cannot invoke "org.eclipse.jetty.io.ManagedSelector.getTotalKeys()" because "selector" is null (@​strogiyotec)
  • #9938 - Bulletproof AbstractProxyServlet#destory() to make it easier to write (@​garydgregory)
  • #9895 - A MessageTooLargeException doesn't close a WebSocket connection
  • #9887 - Deprecate CGI Servlet
  • #9798 - review and cleanup of HTTP/3 QPACK Integer and String encoding
  • #9777 - CrossOriginFilter does not return Vary header on no-cors mode
  • #9761 - H3: Fix racy read from stream-less channel
  • #9749 - HTTP/2 improvements.
  • #9741 - Review of websocket parser, improve testing & comments.
  • #9728 - Fixes to QPACK configuration from SETTINGS frames.
  • #9715 - deprecate PushSessionCacheFilter
  • #9685 - Jetty doesn't set the date header on error responses
  • #9682 - RetainableByteBuffer buffer release bug in WebSocket
  • #9554 - Move (qpack/hpack) HuffmanDecoder / HuffmanEncoder / NBitInteger* to common location
  • #9476 - onCompleteFailure called multiple times
  • #8926 - HttpClient GZIPContentDecoder should remove Content-Length and Content-Encoding: gzip
  • #8556 - ServletContext.getSessionTimeout() incorrectly throws IllegalStateException
  • #8405 - Servlet 3.1 ReadListener.onAllDataRead() is called twice under h2 or h2c if the server doesn't respond within 30s
  • #7091 - Add SOCKS5 support (@​huisongma)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump jetty.version from 10.0.15 to 10.0.16
830002c 
Bumps `jetty.version` from 10.0.15 to 10.0.16.

Updates `org.eclipse.jetty:jetty-server` from 10.0.15 to 10.0.16
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-10.0.15...jetty-10.0.16)

Updates `org.eclipse.jetty:jetty-servlet` from 10.0.15 to 10.0.16
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-10.0.15...jetty-10.0.16)

Updates `org.eclipse.jetty:jetty-util` from 10.0.15 to 10.0.16
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-10.0.15...jetty-10.0.16)

Updates `org.eclipse.jetty:jetty-webapp` from 10.0.15 to 10.0.16
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-10.0.15...jetty-10.0.16)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-util
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-webapp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies java Pull requests that update Java code labels Aug 31, 2023
basil
basil approved these changes Aug 31, 2023
View reviewed changes
Copy link
Member

@basil basil left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot squash and merge

@dependabot dependabot bot merged commit 3149884 into master Aug 31, 2023
@dependabot dependabot bot deleted the dependabot/maven/jetty.version-10.0.16 branch August 31, 2023 16:50
@MarkEWaite
Copy link
Contributor

I've added the developer label so that a new release will be created that includes this. That will provide one more step to release Jetty 10.0.16 in all the Jenkins components. However, I removed the developer label again because I need to do more dependency checks before a new release is created

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@basil basil basil approved these changes

Assignees
No one assigned
Labels
developer java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MarkEWaite @basil