commits
Thread
Date
Earlier messages
Messages by Thread
(struts) branch WW-5627-cookie-authorization updated (87803213f -> 73f456b8d)
lukaszlenart
(struts) branch WW-5627-cookie-authorization created (now 87803213f)
lukaszlenart
(struts) 01/09: WW-5627 add ParameterAllowlister interface and STRUTS_PARAMETER_ALLOWLISTER constant
lukaszlenart
(struts) 03/09: WW-5627 register ParameterAllowlister bean in struts-default DI
lukaszlenart
(struts) 04/09: WW-5627 delegate ParametersInterceptor OGNL allowlisting to OgnlParameterAllowlister
lukaszlenart
(struts) 07/09: WW-5627 cover CookieInterceptor authorization matrix in CookieInterceptorAnnotationTest
lukaszlenart
(struts) 05/09: WW-5627 test(cookie): failing test for unannotated setter skip
lukaszlenart
(struts) 06/09: WW-5627 gate CookieInterceptor cookie injection through ParameterAuthorizer
lukaszlenart
(struts) 08/09: WW-5627 docs(cookie): document new 5-arg extension hook and deprecation
lukaszlenart
(struts) 09/09: WW-5627 wire OgnlParameterAllowlister in StrutsParameterAnnotationTest fixture
lukaszlenart
(struts) 02/09: WW-5627 add OgnlParameterAllowlister default implementation
lukaszlenart
(struts) branch WW-5626-approach-c updated (262b495a2 -> 69ffeb0fe)
lukaszlenart
(struts) branch dependabot/maven/main/com.github.ben-manes.caffeine-caffeine-3.2.4 deleted (was 4e190abc1)
lukaszlenart
(struts) branch main updated: build(deps): bump com.github.ben-manes.caffeine:caffeine (#1679)
lukaszlenart
(struts) branch dependabot/maven/release/struts-6-8-x/org.owasp-dependency-check-maven-12.2.2 deleted (was 4aee87f5c)
lukaszlenart
(struts) branch release/struts-6-8-x updated: build(deps): bump org.owasp:dependency-check-maven from 12.2.1 to 12.2.2 (#1678)
lukaszlenart
(struts) branch main updated: build(deps): bump org.owasp:dependency-check-maven from 12.2.1 to 12.2.2 (#1677)
lukaszlenart
(struts) branch dependabot/maven/main/org.owasp-dependency-check-maven-12.2.2 deleted (was 299c37a20)
lukaszlenart
(struts) branch dependabot/maven/main/org.glassfish.jaxb-jaxb-bom-4.0.8 deleted (was 9b69c99d6)
lukaszlenart
(struts) branch main updated: build(deps): bump org.glassfish.jaxb:jaxb-bom from 4.0.7 to 4.0.8 (#1676)
lukaszlenart
(struts) branch dependabot/github_actions/github/codeql-action-4.35.3 deleted (was 60dd938e9)
lukaszlenart
(struts) branch main updated: build(deps): bump github/codeql-action from 4.35.2 to 4.35.3 (#1675)
lukaszlenart
(struts) branch WW-5626-cleanup deleted (was d1d67d66c)
lukaszlenart
(struts) branch WW-5626-approach-c updated (3c0be4a3b -> 262b495a2)
lukaszlenart
(struts) branch main updated: WW-5626 cleanup follow-ups for @StrutsParameter JSON/REST enforcement (#1673)
lukaszlenart
(struts) branch chore/agentsmd updated (b39f029a1 -> b0e0a36dd)
lukaszlenart
(struts) branch chore/agentsmd created (now b39f029a1)
lukaszlenart
(struts) 01/01: chore(agents): defines a new AGENTS.md focused on reporting vulnerabilities
lukaszlenart
(struts) branch dependabot/maven/main/com.github.ben-manes.caffeine-caffeine-3.2.4 created (now 4e190abc1)
github-bot
(struts) branch dependabot/maven/release/struts-6-8-x/org.owasp-dependency-check-maven-12.2.2 created (now 4aee87f5c)
github-bot
(struts) branch dependabot/github_actions/github/codeql-action-4.35.3 created (now 60dd938e9)
github-bot
(struts) branch dependabot/maven/main/org.owasp-dependency-check-maven-12.2.2 created (now 299c37a20)
github-bot
(struts) branch dependabot/maven/main/org.glassfish.jaxb-jaxb-bom-4.0.8 created (now 9b69c99d6)
github-bot
(struts) branch WW-5626-approach-c updated (0166c6a0b -> 3c0be4a3b)
lukaszlenart
(struts) branch WW-5626-approach-c created (now 0166c6a0b)
lukaszlenart
(struts) 04/11: WW-5626 add AuthorizationAwareContentTypeHandler marker interface
lukaszlenart
(struts) 09/11: WW-5626 add integration tests proving the new Jackson authorization path is used
lukaszlenart
(struts) 01/11: WW-5626 spike: validate Jackson per-property authorization mechanism
lukaszlenart
(struts) 05/11: WW-5626 add AuthorizingSettableBeanProperty for Jackson per-property authorization
lukaszlenart
(struts) 10/11: WW-5626 deprecate XStreamHandler in favor of JacksonXmlHandler
lukaszlenart
(struts) 06/11: WW-5626 add ParameterAuthorizingModule installing the property wrapper on Jackson mappers
lukaszlenart
(struts) 02/11: WW-5626 add ParameterAuthorizationContext for deserializer-level authorization
lukaszlenart
(struts) 03/11: WW-5626 address review feedback on ParameterAuthorizationContext
lukaszlenart
(struts) 07/11: WW-5626 register ParameterAuthorizingModule on default Jackson REST handlers
lukaszlenart
(struts) 11/11: WW-5626 remove Jackson auth spike; replaced by production tests
lukaszlenart
(struts) 08/11: WW-5626 use AuthorizationAwareContentTypeHandler path when handler supports it
lukaszlenart
(struts) branch WW-5626-cleanup created (now d1d67d66c)
lukaszlenart
(struts) 03/05: WW-5626 defensively skip non-String JSON keys in authorization filter
lukaszlenart
(struts) 04/05: WW-5626 add real JacksonJsonHandler integration tests for @StrutsParameter filtering
lukaszlenart
(struts) 01/05: WW-5626 add ParameterAuthorizer#resolveTarget for centralized ModelDriven resolution
lukaszlenart
(struts) 02/05: WW-5626 delegate ModelDriven target resolution to ParameterAuthorizer
lukaszlenart
(struts) 05/05: WW-5626 make ParameterAuthorizer#resolveTarget a default method to preserve SAM
lukaszlenart
(struts) branch dependabot/maven/main/commons-io-commons-io-2.22.0 deleted (was 40214dfb1)
lukaszlenart
(struts) branch main updated: build(deps): bump commons-io:commons-io from 2.21.0 to 2.22.0 (#1672)
lukaszlenart
(struts) branch dependabot/maven/release/struts-6-8-x/commons-io-commons-io-2.22.0 deleted (was 9f7aee48c)
lukaszlenart
(struts) branch main updated: build(deps): bump com.fasterxml.jackson:jackson-bom (#1669)
lukaszlenart
(struts) branch dependabot/maven/release/struts-6-8-x/jackson.version-2.21.3 deleted (was b0ad58bf6)
lukaszlenart
(struts) branch release/struts-6-8-x updated: build(deps): bump jackson.version from 2.21.2 to 2.21.3 (#1670)
lukaszlenart
(struts) branch dependabot/github_actions/github/codeql-action-4.35.2 deleted (was 7ece9133d)
lukaszlenart
(struts) branch main updated: build(deps): bump github/codeql-action from 4.35.1 to 4.35.2 (#1668)
lukaszlenart
(struts) branch dependabot/maven/main/com.fasterxml.jackson-jackson-bom-2.21.3 deleted (was f80d5477c)
lukaszlenart
(struts) branch main updated: WW-5624: Enforce @StrutsParameter on JSON/REST body deserialization (#1657)
lukaszlenart
(struts) branch main updated: fix(core): WW-5623 HTML-encode form action in PostbackResult to prevent XSS (#1653)
lukaszlenart
(struts) branch struts-6-9-0-RC deleted (was aeeaabfb9)
lukaszlenart
(struts) branch support/struts-6-x-x updated: Struts 6.9.0 (#1662)
lukaszlenart
(struts-intellij-plugin) tag v261.19027-nightly.2 created (now 11d5ad4)
github-bot
(struts-site) branch feature/eol-versions-page updated (6e0ee1858 -> 80b118fc5)
lukaszlenart
(struts-site) branch docs/releases-add-6.8.0-prior deleted (was 200f792da)
lukaszlenart
(struts-site) branch main updated: docs: add 6.8.0 to Prior Releases and document the dependency (#298)
lukaszlenart
(struts-site) branch docs/releases-add-6.8.0-prior created (now 200f792da)
lukaszlenart
(struts-site) 01/01: docs: add 6.8.0 to Prior Releases and document the dependency
lukaszlenart
(struts-site) branch docs/idea-plugin-button-only deleted (was 2f682b517)
lukaszlenart
(struts-site) branch main updated: docs: simplify IDEA plugin install to a single Marketplace button (#297)
lukaszlenart
(struts-site) branch docs/idea-plugin-button-only created (now 2f682b517)
lukaszlenart
(struts-site) branch main updated: docs: fix broken rendering of IDEA plugin Marketplace card (#296)
lukaszlenart
(struts-site) branch docs/idea-plugin-card-fix deleted (was 1302ee66a)
lukaszlenart
(struts-site) branch docs/idea-plugin-card-fix updated (48c38f51f -> 1302ee66a)
lukaszlenart
(struts-site) branch docs/idea-plugin-card-fix created (now 48c38f51f)
lukaszlenart
(struts-site) 01/01: docs: fix broken rendering of IDEA plugin Marketplace card
lukaszlenart
(struts-site) branch docs/idea-plugin-static-card deleted (was ccd921646)
lukaszlenart
(struts-site) branch main updated: docs: replace blocked Marketplace iframes with static card (#295)
lukaszlenart
(struts-site) branch docs/idea-plugin-static-card created (now ccd921646)
lukaszlenart
(struts-site) 01/01: docs: replace blocked Marketplace iframes with static card
lukaszlenart
(struts-site) branch main updated: docs: link IDEA plugin page to Marketplace and GitHub releases (#294)
lukaszlenart
(struts-site) branch docs/idea-plugin-marketplace deleted (was 87b58acd1)
lukaszlenart
(struts-site) branch docs/idea-plugin-marketplace created (now 87b58acd1)
lukaszlenart
(struts-site) 01/01: docs: link IDEA plugin page to Marketplace and GitHub releases
lukaszlenart
(struts-site) branch feature/eol-versions-page updated (364ec19aa -> 6e0ee1858)
lukaszlenart
(struts-intellij-plugin) branch dependabot/github_actions/JetBrains/qodana-action-2026.1.0 deleted (was caac2aa)
lukaszlenart
(struts-intellij-plugin) branch main updated: ci(deps): bump JetBrains/qodana-action from 2025.3.2 to 2026.1.0 (#84)
lukaszlenart
(struts-intellij-plugin) tag v261.19027-nightly.1 created (now 2a514e1)
github-bot
(struts) branch dependabot/maven/main/commons-io-commons-io-2.22.0 created (now 40214dfb1)
github-bot
(struts) branch dependabot/maven/release/struts-6-8-x/commons-io-commons-io-2.22.0 created (now 9f7aee48c)
github-bot
(struts) branch dependabot/maven/release/struts-6-8-x/jackson.version-2.21.3 created (now b0ad58bf6)
github-bot
(struts) branch dependabot/maven/main/com.fasterxml.jackson-jackson-bom-2.21.3 created (now f80d5477c)
github-bot
(struts-intellij-plugin) branch dependabot/github_actions/JetBrains/qodana-action-2026.1.0 created (now caac2aa)
github-bot
(struts-intellij-plugin) branch chore/bump-plugin-version-261.19027.1 deleted (was c99d311)
lukaszlenart
(struts-intellij-plugin) branch main updated: Bump pluginVersion to 261.19027.1 (#83)
lukaszlenart
(struts-intellij-plugin) branch main updated: ci(release): auto-bump pluginVersion after publish (#82)
lukaszlenart
(struts-intellij-plugin) branch ci/release-bump-plugin-version deleted (was 70cbb49)
lukaszlenart
(struts-intellij-plugin) branch chore/bump-plugin-version-261.19027.1 created (now c99d311)
lukaszlenart
(struts-intellij-plugin) branch ci/release-bump-plugin-version updated (ef5c62e -> 70cbb49)
lukaszlenart
(struts-intellij-plugin) branch changelog-update-261.19017.1 deleted (was bd353f0)
lukaszlenart
(struts-intellij-plugin) branch main updated: Changelog update - 261.19017.1 (#81)
lukaszlenart
(struts-intellij-plugin) branch ci/release-bump-plugin-version created (now ef5c62e)
lukaszlenart
(struts-intellij-plugin) 01/01: ci(release): auto-bump pluginVersion after publish
lukaszlenart
(struts-intellij-plugin) branch ci/release-skip-duplicate-upload deleted (was 272b672)
lukaszlenart
(struts-intellij-plugin) branch main updated: ci(release): skip duplicate asset upload in publish workflow (#80)
lukaszlenart
(struts-intellij-plugin) branch changelog-update-261.19017.1 created (now bd353f0)
lukaszlenart
(struts-intellij-plugin) 01/01: Changelog update - 261.19017.1
lukaszlenart
(struts-intellij-plugin) branch ci/release-skip-duplicate-upload created (now 272b672)
lukaszlenart
(struts-site) branch fix/remove-stale-maven-snapshot created (now 6353ac75c)
lukaszlenart
(struts-site) branch fix/remove-stale-maven-snapshot deleted (was 6353ac75c)
lukaszlenart
(struts-site) branch main updated: Adds announcement about Apache Struts 6.9.0 GA release (#292)
lukaszlenart
(struts-site) branch ann/struts-6.9.0 deleted (was a08ffc3f6)
lukaszlenart
(struts-site) branch ann/struts-6.9.0 updated (bbd3434d9 -> a08ffc3f6)
lukaszlenart
(struts-site) branch ann/struts-6.9.0 created (now bbd3434d9)
lukaszlenart
svn commit: r84122 - dev/struts/6.9.0 release/struts/6.9.0
lukaszlenart
(struts) branch dependabot/github_actions/github/codeql-action-4.35.2 created (now 7ece9133d)
github-bot
(struts-site) branch feature/eol-versions-page updated (ce34254a8 -> 364ec19aa)
lukaszlenart
(struts-site) branch feature/eol-versions-page updated (e78f7e909 -> ce34254a8)
lukaszlenart
(struts-site) branch feature/eol-versions-page created (now e78f7e909)
lukaszlenart
(struts-site) 01/01: docs: add EOL versions page and cross-link from related pages
lukaszlenart
(struts) branch main updated: introduce private method to remove clones (#1666)
lukaszlenart
(struts) branch dependabot/maven/release/struts-6-8-x/org.owasp-dependency-check-maven-12.2.1 deleted (was f9cf3865a)
lukaszlenart
(struts) branch release/struts-6-8-x updated: build(deps): bump org.owasp:dependency-check-maven from 12.2.0 to 12.2.1 (#1665)
lukaszlenart
(struts) branch main updated: build(deps): bump org.owasp:dependency-check-maven from 12.2.0 to 12.2.1 (#1664)
lukaszlenart
(struts) branch dependabot/github_actions/actions/upload-artifact-7.0.1 deleted (was 5522b3170)
lukaszlenart
(struts) branch dependabot/maven/main/org.owasp-dependency-check-maven-12.2.1 deleted (was 95e09cec2)
lukaszlenart
(struts) branch main updated: build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#1663)
lukaszlenart
(struts-intellij-plugin) tag v261.19017-nightly.3 created (now 737899c)
github-bot
(struts-intellij-plugin) branch dependabot/github_actions/actions/github-script-9.0.0 deleted (was d64bc8e)
lukaszlenart
(struts-intellij-plugin) branch main updated: ci(deps): bump actions/github-script from 8.0.0 to 9.0.0 (#79)
lukaszlenart
(struts-intellij-plugin) branch dependabot/github_actions/actions/github-script-9.0.0 updated (7570b70 -> d64bc8e)
github-bot
(struts-intellij-plugin) branch main updated: ci(deps): bump actions/cache from 5.0.4 to 5.0.5 (#77)
lukaszlenart
(struts-intellij-plugin) branch dependabot/github_actions/actions/cache-5.0.5 deleted (was 0828152)
lukaszlenart
(struts-intellij-plugin) branch dependabot/github_actions/actions/upload-artifact-7.0.1 deleted (was 28b2c36)
lukaszlenart
(struts-intellij-plugin) branch main updated: ci(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#78)
lukaszlenart
(struts) branch dependabot/maven/release/struts-6-8-x/org.owasp-dependency-check-maven-12.2.1 created (now f9cf3865a)
github-bot
(struts) branch dependabot/maven/main/org.owasp-dependency-check-maven-12.2.1 created (now 95e09cec2)
github-bot
(struts) branch dependabot/github_actions/actions/upload-artifact-7.0.1 created (now 5522b3170)
github-bot
(struts-intellij-plugin) branch dependabot/github_actions/actions/upload-artifact-7.0.1 created (now 28b2c36)
github-bot
(struts-intellij-plugin) branch dependabot/github_actions/actions/cache-5.0.5 created (now 0828152)
github-bot
(struts-intellij-plugin) branch dependabot/github_actions/actions/github-script-9.0.0 created (now 7570b70)
github-bot
(struts-intellij-plugin) annotated tag v261.19017.1 updated (213f102 -> a2b0b24)
github-bot
(struts-intellij-plugin) tag v261.19017-nightly.2 created (now 213f102)
github-bot
(struts-intellij-plugin) branch dependabot/github_actions/gradle/actions-6.1.0 deleted (was 59cfa10)
lukaszlenart
(struts-intellij-plugin) branch main updated: ci(deps): bump gradle/actions from 6.0.1 to 6.1.0 (#72)
lukaszlenart
(struts-intellij-plugin) branch dependabot/github_actions/gradle/actions-6.1.0 updated (dd48b9a -> 59cfa10)
github-bot
(struts-intellij-plugin) branch main updated: feat(diagram): resolve chain/redirect results as action-to-action edges (#76)
lukaszlenart
(struts-intellij-plugin) branch feat/diagram-chain-redirect-edges deleted (was c5e25fe)
lukaszlenart
(struts-intellij-plugin) branch dependabot/github_actions/gradle/actions-6.1.0 updated (2cfed3f -> dd48b9a)
github-bot
svn commit: r83731 - dev/struts/6.9.0
lukaszlenart
(struts) branch struts-6-9-0-RC created (now aeeaabfb9)
lukaszlenart
(struts) 01/01: [maven-release-plugin] prepare for next development iteration
lukaszlenart
(struts) annotated tag STRUTS_6_9_0 created (now 20f8152e3)
lukaszlenart
(struts) 01/01: [maven-release-plugin] prepare release STRUTS_6_9_0
lukaszlenart
(struts) branch ci/excludes-scorecards deleted (was 75feff16d)
lukaszlenart
(struts) branch support/struts-6-x-x updated: ci(scorecards): score cards analysis are only supported for default branch (#1661)
lukaszlenart
(struts) branch ci/excludes-scorecards created (now 75feff16d)
lukaszlenart
(struts) 01/01: ci(scorecards): score cards analysis are only supported for default branch
lukaszlenart
(struts) branch ci/adjust-ci-infra deleted (was 9ee46f076)
lukaszlenart
(struts) branch support/struts-6-x-x updated: ci(struts6): adjust workflows to use the new branch names (#1658)
lukaszlenart
(struts) branch main updated: cd(checks): uses proper context names for checks (#1660)
lukaszlenart
(struts) branch ci/struts6-check deleted (was c3b0558a1)
lukaszlenart
(struts) branch ci/struts6-check created (now c3b0558a1)
lukaszlenart
(struts) 01/01: cd(checks): uses proper context names for checks
lukaszlenart
(struts) branch ci/adjust-ci-infra updated (c9d70f19a -> 9ee46f076)
lukaszlenart
(struts) branch ci/support-struts-6 deleted (was 6c4609a83)
lukaszlenart
(struts) branch main updated: ci(struts6): adjusts workflows to use the new branch (#1659)
lukaszlenart
(struts) branch ci/support-struts-6 created (now 6c4609a83)
lukaszlenart
(struts) 01/01: ci(struts6): adjusts workflows to use the new branch
lukaszlenart
(struts) branch ci/adjust-ci-infra updated (582e92766 -> c9d70f19a)
lukaszlenart
(struts) branch ci/adjust-ci-infra created (now 582e92766)
lukaszlenart
(struts) 01/01: ci(struts6): adjust workflows to use the new branch names
lukaszlenart
(struts) branch support/struts-6-x-x created (now 94e3ffd1e)
lukaszlenart
(struts-intellij-plugin) tag v261.19017-nightly.1 created (now e1dada9)
github-bot
(struts) branch dependabot/maven/main/ognl-ognl-3.4.11 deleted (was 6bd977b9b)
lukaszlenart
(struts) branch main updated: build(deps): bump ognl:ognl from 3.4.10 to 3.4.11 (#1655)
lukaszlenart
(struts-intellij-plugin) branch feat/diagram-chain-redirect-edges created (now c5e25fe)
lukaszlenart
(struts-intellij-plugin) 01/01: feat(diagram): resolve chain/redirect results as action-to-action edges
lukaszlenart
(struts-intellij-plugin) branch main updated: ci(nightly): derive version from pluginVersion instead of tags (#75)
lukaszlenart
(struts-intellij-plugin) branch ci/nightly-version-from-gradle-properties deleted (was 066fcca)
lukaszlenart
(struts-intellij-plugin) branch ci/nightly-version-from-gradle-properties created (now 066fcca)
lukaszlenart
(struts-intellij-plugin) 01/01: ci(nightly): derive version from pluginVersion instead of tags
lukaszlenart
(struts-intellij-plugin) tag v261.18979-nightly.7 created (now 367a261)
github-bot
(struts-intellij-plugin) branch main updated: ci(depenedabot): add cooldown (#74)
lukaszlenart
(struts) branch ci/dependabot-cooldown deleted (was e77157236)
lukaszlenart
(struts) branch main updated: ci(dependabot): add cooldown (#1656)
lukaszlenart
(struts-intellij-plugin) branch ci/dependabot-cooldown deleted (was 2b10e5c)
lukaszlenart
(struts) branch ci/dependabot-cooldown created (now e77157236)
lukaszlenart
(struts) 01/01: ci(dependabot): add cooldown
lukaszlenart
(struts-intellij-plugin) branch ci/dependabot-cooldown created (now 2b10e5c)
lukaszlenart
(struts-intellij-plugin) branch ci/fix-plugin-version-and-cancel-policy deleted (was ce9dfc7)
lukaszlenart
(struts-intellij-plugin) branch main updated: ci: fix plugin version and build concurrency policy (#73)
lukaszlenart
(struts-intellij-plugin) branch ci/fix-plugin-version-and-cancel-policy created (now ce9dfc7)
lukaszlenart
(struts-intellij-plugin) 01/01: ci: fix plugin version and build concurrency policy
lukaszlenart
(struts-intellij-plugin) branch refactor/remove-experimental-CreateBeanPropertyFixes deleted (was 7a75ab2)
lukaszlenart
(struts-intellij-plugin) branch main updated: refactor: remove experimental CreateBeanPropertyFixes dependency (#71)
lukaszlenart
(struts-intellij-plugin) branch refactor/replace-deprecated-extend-class-names deleted (was a881fe0)
lukaszlenart
Earlier messages