search

vaadin / framework

Vaadin 6, 7, 8 is a Java framework for modern Java web applications.
http://vaadin.com/
Other
1.77k stars 729 forks source link

Bump jetty-server from 9.4.43.v20210629 to 10.0.10 #12545

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps jetty-server from 9.4.43.v20210629 to 10.0.10.

Release notes

Sourced from jetty-server's releases.

10.0.10

Special Thanks to the following Eclipse Jetty community members

Changelog

  • #8136 - Cherry-pick of Improvements to PathSpec for Jetty 10.0.x
  • #8134 - Improve cleanup of deflater/inflater pools for PerMessageDeflateExtension
  • #8088 - Add option to configure exitVm on ShutdownMonitor from System properties
  • #8067 - Wall time usage in DoSFilter RateTracker results in false positive alert
  • #8057 - Support Http Response 103 (Early Hints)
  • #8014 - Review HttpRequest URI construction
  • #8008 - Add compliance mode for LEGACY multipart parser in Jetty 10+
  • #7994 - Ability to construct a detached client Request
  • #7981 - Add TRANSFER_ENCODING violation for MultiPart RFC7578 parser. (#7976)
  • #7977 - UpgradeHttpServletRequest.setAttribute & UpgradeHttpServletRequest.removeAttribute can throw NullPointerException
  • #7975 - ForwardedRequestCustomizer setters do not clear existing handlers
  • #7953 - Fix StatisticsHandler in the case a Handler throws exception.
  • #7935 - Review HTTP/2 error handling
  • #7929 - Correct requestlog formatString commented default (@​prenagha)
  • #7924 - Fix a typo in Javadoc (@​jianglai)
  • #7918 - PathMappings.asPathSpec does not allow root ServletPathSpec
  • #7891 - Better Servlet PathMappings for Regex
  • #7880 - DefaultServlet should not overwrite programmatically configured precompressed formats with defaults (@​markslater)
  • #7863 - Default servlet drops first accept-encoding header if there is more than one. (@​markslater)
  • #7858 - GZipHandler does not play nice with other handlers in HandlerCollection
  • #7818 - Modifying of HTTP headers in HttpChannel.Listener#onResponseBegin is no longer possible with Jetty 10
  • #7808 - Jetty 10.0.x 7801 duplicate set session cookie
  • #7802 - HTTP/3 QPACK - do not expect section ack for zero required insert count
  • #7754 - jetty.sh ignores JAVA_OPTIONS environment variable
  • #7748 - Allow overriding of url-pattern mapping in ServletContextHandler to allow for regex or uri-template matching
  • #7635 - QPACK decoder should fail connection if the encoder blocks more than SETTINGS_QPACK_BLOCKED_STREAMS
  • #4414 - GZipHandler not excluding inflation for specified paths
  • #1771 - Add module for SecuredRedirect support

Dependencies

  • #8083 - Bump asciidoctorj to 2.5.4
  • #8077 - Bump asciidoctorj-diagram to 2.2.3
  • #7839 - Bump asm.version to 9.3
  • #8142 - Bump biz.aQute.bndlib to 6.3.1
  • #8075 - Bump checkstyle to 10.3
  • #8056 - Bump error_prone_annotations to 2.14.0
  • #8109 - Bump google-cloud-datastore to 2.7.0
  • #8100 - Bump grpc-core to 1.47.0
  • #7987 - Bump hawtio-default to 2.15.0

... (truncated)

Commits
  • de73e94 Updating to version 10.0.10
  • 1b4f941 RegexPathSpec documentation and MatchedPath improvements (#8163)
  • 1f902f6 Disable H3 tests by default with a system property to explicitly enable them ...
  • 7cc461b Fixing javadoc build errors (#8173)
  • d63569d Migrate code from jetty-util Logger to slf4j Logger (#8162)
  • 66de7ba Improve ssl buffers handling (#8165)
  • 0699bc5 Use static exceptions for closing websocket flushers and in ContentProducer (...
  • b1c19c0 Merge pull request #8134 from eclipse/jetty-10.0.x-websocketPermessageDeflate...
  • 23948f1 no more profile IT tests runs per default (#8138)
  • 0d13cbe change-dependabot-interval-to-monthly (#8140)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/vaadin/framework/network/alerts).
dependabot[bot] commented 1 year ago

Superseded by #12582.