Bump jetty-webapp from 9.4.12.v20180830 to 9.4.34.v20201102

dependabot[bot] commented 3 years ago

Bumps jetty-webapp from 9.4.12.v20180830 to 9.4.34.v20201102.

Release notes

9.4.34.v20201102

Bugs

#5320 : Using WebSocketClient with jetty-websocket-httpclient.xml in a Jetty web application causes ClassCastException

#5521 : ResourceCollection NPE in list()

#5555 : NPE for servlet with no mapping

Enhancements

#5488 : jetty-dir.css not found when using JPMS

#5498 : ServletHolder lifecycle correctness

#5535 : Support regex in SslContextFactory include/exclude of protocols

9.4.33.v20201020

Changes

#5022 : Cleanup ServletHandler, specifically with respect to making filter chains more extensible

#5368 : WebSocket text event execute in same thread as running binary event and destroy Threadlocal

#5378 : Filter/Servlet/Listener Holders are not started if added during STARTING state.

#5409 : HttpClient fails intermittently with "Invalid response state TRANSIENT"

#5417 : Badly configured HttpConfiguration.securePort can lead to wrong port produced by ForwardedHeader

#5443 : Request without Host header fails with NullPointerException in ForwardedRequestCustomizer

#5451 : Improve Working Directory creation

#5454 : Request error context is not reset

#5475 : Update to spifly 1.3.2 and asm 9

#5480 : NPE from WebInfConfiguration.deconfigure during WebAppContext shutdown

9.4.32.v20200930

Changelog

#2796 : HTTP/2 max local stream count exceeded when request fails

#3766 : Introduce HTTP/2 API to batch frames

#3916 : multipart/byterange output is invalid to RFC7233

#4809 : Set a max number of requests per connection

#4824 : WebSocket server outgoing message queue memory growth

#4888 : Request getSession() method throws IllegalStateException when Session exists

#4954 : Simplify ability to get Byte Counts about requests

#5032 : Introduce Listeners to aid in tracking timings within ServletContext and WebApp

#5079 : :authority header for IPv6 address in HTTP/2 not having square brackets

#5103 : Proxy sets protocol version to 2.0 instead of 1.1 when accessed from H2 client

#5104 : AbstractProxyServlet include incorrect protocol version in Via header when accessed over H2

#5105 : Graceful shutdown does not wait for resumed requests

#5108 : Improve SessionTracker scalability

#5121 : Add if (LOG.isDebugEnabled()) in CompressExtension.decompress

#5122 : Retrieving websocket connections via jmx

#5129 : No jars added when using a folder in extraClasspath of the webapp context xml file

#5147 : Set MaxUsageCount with existing connection pool changing the behavior

#5150 : Zero connection timeout is not supported in HTTP client with non-blocking connect

#5152 : HttpClient should handle unsolicited responses

#5162 : DecoratingListener raises a NullPointerException

#5165 : Wrong messagesIn count for HttpClient

#5170 : NullPointerException in HttpReceiverOverHTTP during WebSocket client Upgrade

... (truncated)

Commits

e46af88 Updating to version 9.4.34.v20201102
981b50d Merge pull request #5559 from eclipse/jetty-9.4.x-5555-NPE-NamedFilterMapping
12f3c45 Merge pull request #5374 from eclipse/jetty-9.4.x-5320-WebSocketHttpClient
4c49ca5 More cleanup for #5555
60c56d8 changes from review
b77ee51 Fixes #5555 NPE if Filter of named servlet (#5556)
f21c606 Fixes #5539 Stats XML format
a1b3d33 Merge pull request #5491 from eclipse/jetty-9.4.x-5488-jetty-dir.css
40acf60 Bump geronimo-annotation_1.3_spec from 1.1 to 1.3 (#5552)
e70e995 Bump openwebbeans.version from 2.0.18 to 2.0.19 (#5551)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/OpenBankProject/Sofit/network/alerts).