Hi, Agreed, but first, the documentation needs to be updated with the new API. I like most of the changes, except for the new method name for 'getContentSecurityPolicySettings()'. IMHO it's too long and everyone calls it CSP. I'd rather stick with 'getCspSettings()'. The documentation in 'ContentSecurityPolicySettings' is already missing 'Policy'.
Best regards, Emond On Thu, Mar 12, 2020 at 8:16 AM Martin Grigorov <mgrigo...@apache.org> wrote: > > Hi, > > Sven just made some API breaking changes with > https://gitbox.apache.org/repos/asf?p=wicket.git;h=88e8d36, for good! > If we want the next release to be the final one then I suggest to cancel > this vote and start over with the new change. > > Martin > > On Tue, Mar 10, 2020 at 10:50 PM Andrea Del Bene <an.delb...@gmail.com> > wrote: > > > This is a vote to release Apache Wicket 9.0.0-M5 > > > > Please download the source distributions found in our staging area > > linked below. > > > > I have included the signatures for both the source archives. This vote > > lasts for 72 hours minimum. > > > > [ ] Yes, release Apache Wicket 9.0.0-M5 > > [ ] No, don't release Apache Wicket 9.0.0-M5, because ... > > > > Distributions, changelog, keys and signatures can be found at: > > > > https://dist.apache.org/repos/dist/dev/wicket/9.0.0-M5 > > > > Staging repository: > > > > https://repository.apache.org/content/repositories/orgapachewicket-1137/ > > > > The binaries are available in the above link, as are a staging > > repository for Maven. Typically the vote is on the source, but should > > you find a problem with one of the binaries, please let me know, I can > > re-roll them some way or the other. > > > > Staging git repository data: > > > > Repository: g...@github.com:bitstorm/wicket.git > > Branch: build/wicket-9.0.0-M5 > > Release tag: rel/wicket-9.0.0-M5 > > > > > > ======================================================================== > > > > The signatures for the source release artefacts: > > > > > > Signature for apache-wicket-9.0.0-M5.zip: > > > > -----BEGIN PGP SIGNATURE----- > > > > iQIzBAABCgAdFiEE0a6YZHC1pJw+aieyh48B+qjTVuEFAl5n/CoACgkQh48B+qjT > > VuHd2RAAijpTFLBY5tr9GOjZPk0y//Kog/8IYi9dJjkOtJtFky7UhNzlmFVx7Yz7 > > hbc5ecLeeXz3oLZHkECjKda5086aopXzFzsS8jLQM1/yqZ4jD2zd1E7evw+Kxj+v > > cOi6+XxV8m508R7qs8pob9rs5Z/wfDocEOvVBM4SNxFCmFxENUvwImgEq89Vg2pQ > > iMjFK2zUk4L82cc1hEN3+GKfe1LvnlDJIp2ebP+ntlBr8Nrc7MR/jOrJxSRr+wBp > > /U6y9jEVSuR5rrN4KKFvSLDfGOdOvug6JVhzVFJ6lKjqSKPNQ4Ml+ZWe2cEdu/qD > > VYEn4kaioVX539424HugXQK1Z4jvNA0NJVmvWuYOsZYQeRGlccOzAsgXuYUNFllR > > UmCw1mpFLz0OMSfFdv125gj4MxSOsl+H5eY4LJuZWBfk/6BXRBDINJo4kjaq7tq1 > > GLfVoHB5dvrDp3R9WsFzGQJA4InrF8w+/m08p1haRiny0Vqch4s/zTG82nrp9bPR > > Iyrt97SAWquXeMwRXqdA68cBvB5UjTkbdI6BtP7pNMGtklaV2R9vbdU18opIJf0K > > ANzjxROr+DkgEcmthLIKlkErKr+UfeAZU84lRMfaD4QlWFB4jmwW+BEBiCMUSia2 > > 8IHaOJ8OBMXuBD7dK9dnpm6FoOY8qCYGAwBPzM5l2bzj+50s9a0= > > =qrHX > > -----END PGP SIGNATURE----- > > > > Signature for apache-wicket-9.0.0-M5.tar.gz: > > > > -----BEGIN PGP SIGNATURE----- > > > > iQIzBAABCgAdFiEE0a6YZHC1pJw+aieyh48B+qjTVuEFAl5n/CkACgkQh48B+qjT > > VuHvRA//ekwcb/9Lb1q1g33chXIpXAxXQJe/mOdX2rDPQUQIN2Diw8V2a9ZuFdFb > > 7AUKXfMHBk9zOZO7HKWI1FBUp0UW9VC8p4ut+5ssBWjEaF/FKxzh/rG4J7vG9Tul > > oD6KlAE4h7dx/lERbpKZy9Vs/Po65+oIypf3sD+iVFms7I0jxiE/81P8kMSEuD2S > > l4pzXnKmMkuzfSkTJLOak6K6Rho8a+rsvWzr/NjG3yJ23M04Oi589Eft66MEMZFw > > N8VgWRuBBIQkIzIlCmLu1xTbk/j95Qnt5lgCs2E4gCVfH0qlmsTroFVCjDW97WEX > > /Iq7Dk0XUjMP7u9d+JXceLObFVi8/rng803M260h2WbRC0zbSq78RSdDk1fNQWlM > > 5OXvS2Q0dp73+gn1VBc3lt/7TzUeIzq2aQlG3GsOBTH3ZU+G8HCaGmIL7b4Ge27J > > rtxLG6bnBIEXmr96cDXPDqdIuthMCIHB1DcitHPDCyHISXXCC+1ZJXcLACi/dgVF > > trbjJJFpaVYQeNLFLUYZZZzvCUFClAfE47ieSRmWUIjMNn2Ob6EslYHqK7qxlbzE > > eUFSkhpfzU31RGXoaEwTJLe8uweIJ/lWouy8PajsiMGmVHeWjorMn37UTLoZxIKo > > uUHpAZoFp1DHYPqOWPPxrymHctYEMAtSfbmLSV590qaCIYr3fiw= > > =UkVf > > -----END PGP SIGNATURE----- > > > > ======================================================================== > > > > CHANGELOG for 9.0.0-M5: > > > > ** Bug > > > > * [WICKET-6745] - CSP: inline JS in server and client time response > > filters > > * [WICKET-6746] - HttpsMapper cannot deal with resources over > > websockets > > * [WICKET-6752] - Some dependencies contain CVEs > > * [WICKET-6753] - res/modal.js using aria-labelledby where it > > should be using aria-label > > * [WICKET-6754] - Iteration stops with nested containers > > > > ** New Feature > > > > * [WICKET-6727] - Configurable CSP > > * [WICKET-6729] - allow adding IHeaderResponseDecorator without > > replacing all others > > * [WICKET-6730] - Global access to secure random data > > > > ** Improvement > > > > * [WICKET-6724] - CSP: Inline Javascript in AjaxLink > > * [WICKET-6725] - CSP: display:none in Component.renderPlaceholderTag > > * [WICKET-6726] - CSP: inline styling and js in Form submitbutton > > handling > > * [WICKET-6731] - CSP: inline JS in SubmitLink > > * [WICKET-6732] - CSP: inline JS in Link and ExternalLink > > * [WICKET-6733] - CSP: enable by default > > * [WICKET-6735] - CSP: inline styling in > > FormComponentFeedbackBorder/Indicator > > * [WICKET-6736] - CSP: Inline styling in BrowserInfoForm > > * [WICKET-6737] - CSP: violations in examples > > * [WICKET-6738] - CSP: inline styling in UploadProgressBar > > * [WICKET-6739] - CSP: inline JS in Palette > > * [WICKET-6740] - CSP: inline JS in Button > > * [WICKET-6741] - CSP: inline JS in FormComponentUpdatingBehavior > > * [WICKET-6749] - CSP: Inline styling in ExceptionErrorPage.html > > * [WICKET-6750] - add capability to cancel ongoing AJAX requests > > from client side > > > > ** Task > > > > * [WICKET-6687] - Cleanup the code from attribute inline styles and > > attribute inline scripts > > * [WICKET-6747] - Document CSP in user guide and migration guide > > > >
