This is an automated email from the ASF dual-hosted git repository.
lukaszlenart pushed a change to branch feature/WW-5333-attribute-map
in repository https://gitbox.apache.org/repos/asf/struts.git
omit 2e9eb4d8b WW-5333 Refactors AttributeMap
add 20eafb632 WW-5340 Mild refactor StrutsOgnlGuard for easier subclassing
add 276ede4c8 WW-5340 Add debug logging for rejected form fields
add f4029f8fd WW-5340 Sanitize field names before logging
add fc03a2b69 Merge pull request #760 from apache/WW-5340-subclassable
add 8a95a3f48 Bump ossf/scorecard-action from 2.2.0 to 2.3.0
add a165c02ef Merge pull request #762 from
apache/dependabot/github_actions/ossf/scorecard-action-2.3.0
add 8ff8e42e7 Bump org.jfree:jfreechart from 1.5.1 to 1.5.4
add 23feab685 Merge pull request #740 from
apache/dependabot/maven/org.jfree-jfreechart-1.5.4
add 4155263e6 WW-5349 Remove Struts core dependency on OGNL VarRefs
add 6995eaf2f WW-5349 Remove corresponding unit tests
add 913f6bf3a Merge pull request #763 from apache/WW-5349-astvarref
add 62db310b0 Add JDK 21 build
add 9c12bb86b Fix JDK 21 build
add 00db84468 Convert test class to JUnit4
add b736eb281 Upgrade EasyMock
add f2834d252 Merge pull request #764 from apache/gh-actions-sonar-21
add 0432205a6 WW-5354 Ensure ActionSupport fields are not parameter
injectable
add 67da669f0 Merge pull request #765 from apache/WW-5354-block-params
add 39f81575f Upgrade Jackson and remove unnecessary transitive override
add 403c3c4a1 Unify HtmlUnit versions
add a750917fb Upgrade ASM and exclude conflicting artifact
add 43fb80e17 Merge pull request #767 from apache/fix-conflict-deps
add fb710f9ca Bump org.codehaus.mojo:versions-maven-plugin from 2.7 to
2.16.1
add 84c1b1d0e Merge pull request #768 from
apache/dependabot/maven/org.codehaus.mojo-versions-maven-plugin-2.16.1
add 74d2fdcc6 WW-5355 Use LRU cache by default
add 5011a7977 WW-5355 Prevent AtomicInteger being initialised to zero
add 9527da5d3 WW-5355 Initial Caffeine cache implementation
add 1573207ee WW-5355 Fix eviction limit in LRU cache not being enforced
add 6ff7e15bf WW-5355 Update JavaDoc for basic and LRU cache
add 9c932f203 WW-5355 Introduce new Struts constants and their defaults
add bfb4df13e WW-5355 Unify bootstrap constant declaration
add d245dc551 WW-5355 Introduce new cache type selection methods and
deprecate problematic setter injection
add 4700dca18 WW-5355 Downgrade Caffeine version
add 7463e1de1 WW-5355 Fix interface and unit test bug
add 28cc6459b WW-5355 Address code smells
add 793d38371 WW-5355 Delegate deprecated constructor
add 9be23d7a0 WW-5355 Extract constants into static final fields
add 3d5beae36 WW-5355 Declare bootstrap constants as final field instead
add f314b455f WW-5355 Add since tags to StrutsConstants JavaDoc
add 9dbea66f9 WW-5355 Amend Caffeine cache implementation
add 7cded18c0 WW-5355 Rename cache types
add 7afc77266 WW-5355 Bootstrap using basic cache
add cae627f35 Merge pull request #766 from apache/WW-5355-cache-lru
add e8562c78d Bump org.owasp:dependency-check-maven from 7.2.0 to 8.4.2
add fc5d1cabe Merge pull request #771 from
apache/dependabot/maven/org.owasp-dependency-check-maven-8.4.2
add 5bcf9e785 Improved charset retrieval to get only once.
add afe31cc01 Update
core/src/main/java/org/apache/struts2/url/StrutsUrlDecoder.java
add faa98d7af Update
core/src/main/java/org/apache/struts2/url/StrutsUrlDecoder.java
add b15b83dd0 Merge pull request #773 from
mygreen/improve-urldecoder-peformance
add c2aec9c07 WW-5358 Expand exclusion lists
add bd388956c Merge pull request #774 from apache/WW-5358-excl-list
add 3ef0aa709 Bump ossf/scorecard-action from 2.3.0 to 2.3.1
add 574da8111 Merge pull request #775 from
apache/dependabot/github_actions/ossf/scorecard-action-2.3.1
add f13284832 Bump junit:junit from 4.13.1 to 4.13.2
add 48b0c1173 Merge pull request #776 from
apache/dependabot/maven/junit-junit-4.13.2
add 453130666 Bump org.jacoco:jacoco-maven-plugin from 0.8.8 to 0.8.11
add 56fc1ddc5 Merge pull request #777 from
apache/dependabot/maven/org.jacoco-jacoco-maven-plugin-0.8.11
add 72d617012 Bump slf4j.version from 2.0.7 to 2.0.9
add d8bc96d17 Merge pull request #783 from
apache/dependabot/maven/slf4j.version-2.0.9
add 601fb0ff5 Bump net.sf.jasperreports:jasperreports from 6.20.5 to 6.20.6
add f511034ac Merge pull request #784 from
apache/dependabot/maven/net.sf.jasperreports-jasperreports-6.20.6
new edd3eb358 WW-5333 Refactors AttributeMap
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (2e9eb4d8b)
\
N -- N -- N refs/heads/feature/WW-5333-attribute-map (edd3eb358)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.github/workflows/maven.yml | 2 +-
.github/workflows/scorecards-analysis.yaml | 2 +-
apps/rest-showcase/pom.xml | 1 -
apps/showcase/pom.xml | 1 -
core/pom.xml | 5 +
.../xwork2/config/impl/DefaultConfiguration.java | 31 +++++--
.../xwork2/config/impl/MockConfiguration.java | 18 +++-
.../StrutsDefaultConfigurationProvider.java | 15 ++-
.../ognl/DefaultOgnlBeanInfoCacheFactory.java | 19 ++--
.../xwork2/ognl/DefaultOgnlCacheFactory.java | 70 ++++++++++----
.../ognl/DefaultOgnlExpressionCacheFactory.java | 25 ++---
.../opensymphony/xwork2/ognl/OgnlCacheFactory.java | 48 +++++++++-
.../xwork2/ognl/OgnlCaffeineCache.java | 78 ++++++++++++++++
.../opensymphony/xwork2/ognl/OgnlDefaultCache.java | 27 +++---
.../com/opensymphony/xwork2/ognl/OgnlLRUCache.java | 40 ++++----
.../com/opensymphony/xwork2/ognl/OgnlUtil.java | 65 +++++++------
.../security/DefaultExcludedPatternsChecker.java | 23 +----
.../java/org/apache/struts2/StrutsConstants.java | 57 ++++++------
.../java/org/apache/struts2/components/UIBean.java | 12 ---
.../multipart/JakartaMultiPartRequest.java | 29 +++---
.../org/apache/struts2/ognl/StrutsOgnlGuard.java | 36 ++++---
.../org/apache/struts2/url/StrutsUrlDecoder.java | 5 +-
.../org/apache/struts2/default.properties | 38 +++-----
.../src/main/resources/struts-excluded-classes.xml | 103 +++++++++++++--------
.../xwork2/inject/ContainerImplTest.java | 79 ++++++----------
.../interceptor/ParametersInterceptorTest.java | 16 +++-
.../com/opensymphony/xwork2/ognl/OgnlUtilTest.java | 13 ++-
.../org/apache/struts2/components/UIBeanTest.java | 38 --------
plugins/jasperreports/pom.xml | 2 +-
plugins/jfreechart/pom.xml | 2 +-
plugins/portlet/pom.xml | 9 --
pom.xml | 41 ++++----
32 files changed, 555 insertions(+), 395 deletions(-)
create mode 100644
core/src/main/java/com/opensymphony/xwork2/ognl/OgnlCaffeineCache.java
