Hi Sven,
> IMHO filtering/decorating of header resources is an advanced topic, so I > doubt many people are affect by these changes. > I'll take a look at migration guide. > I agree. After fixing the issue, all my CI tests pass and I did some exploratory testing in my main application. So if we can "document this issue away", +1 for releasing. Thomas On Fri, Oct 9, 2020 at 3:38 PM Sven Meier <s...@meiers.net> wrote: > Thanks! > > We could argue whether your tests were valid then anyways :P > > IMHO filtering/decorating of header resources is an advanced topic, so I > doubt many people are affect by these changes. > I'll take a look at migration guide. > > Have fun > Sven > > > On 09.10.20 15:18, Thomas Heigl wrote: > > Hi Sven, > > > > My unit test application was still applying a custom response decorator > > like this: > > > > @Override > >> protected void init() { > > .... > > > > setHeaderResponseDecorator(new > >> JavaScriptFilteredIntoFooterResponseDecorator()); > > } > > > > > > setHeaderResponseDecorator now disables resource aggregation and > > initialization of the application fails if CSP is enabled. > > > > Thomas > > > > On Fri, Oct 9, 2020 at 3:04 PM Andrea Del Bene <an.delb...@gmail.com> > wrote: > > > >> Hi Thomas > >> > >> On Fri, Oct 9, 2020 at 2:30 PM Thomas Heigl <tho...@umschalt.com> > wrote: > >> > >>> All my unit tests failed with the new release: > >>> > >>> java.lang.IllegalStateException: no resource aggregation > >>>> at > >>>> > >> > org.apache.wicket.markup.html.HeaderResponseDecoratorCollection.addPreResourceAggregationDecorator(HeaderResponseDecoratorCollection.java:84) > >>>> at > >>>> > >> > org.apache.wicket.csp.ContentSecurityPolicySettings.enforce(ContentSecurityPolicySettings.java:209) > >>>> at > >>>> > >> > org.apache.wicket.protocol.http.WebApplication.validateInit(WebApplication.java:784) > >>>> at org.apache.wicket.Application.initApplication(Application.java:765) > >>>> at > >>>> > >> > org.apache.wicket.util.tester.BaseWicketTester.<init>(BaseWicketTester.java:326) > >>>> at > >>>> > >> > org.apache.wicket.util.tester.BaseWicketTester.<init>(BaseWicketTester.java:255) > >>>> at > >>>> > >> > org.apache.wicket.util.tester.BaseWicketTester.<init>(BaseWicketTester.java:228) > >>>> at > >>> > org.apache.wicket.util.tester.WicketTester.<init>(WicketTester.java:199) > >>> > >>> > >>> My unit test application was still using the deprecated > >>> `Application.setHeaderResponseDecorator()`. I replaced it with > >>> `Application.getHeaderResponseDecorators().add()` and it now works as > >>> expected. > >>> > >>> I'm not sure how we should address this issue. Should the deprecated > >> method > >>> simply delegate to `getHeaderResponseDecorators().add()` instead of > >>> replacing all decorators? > >>> > >>> > >> This possible migration issue is part in the migration guide, although > it > >> has been added after the release of Wicket 9.0.0 when > >> a user on StackOverflow reported a problem related to this API change > (*). > >> I agree with you when you say we should do something to avoid possible > >> migration pitfalls, but instead of changing the current API behavior I'd > >> prefer > >> to simply add a warning message to setHeaderResponseDecorator in order > to > >> make users aware of this change. > >> > >> (*) > >> > >> > https://stackoverflow.com/questions/63158243/wicket-9-usage-of-javascriptfilteredintofooterheaderresponse-seems-to-cause-tro/63161063 > >> > >> > >>> Thomas > >>> > >>> On Fri, Oct 9, 2020 at 10:59 AM Andrea Del Bene <an.delb...@gmail.com> > >>> wrote: > >>> > >>>> +1 to release. Tested my main app > >>>> > >>>> On Thu, Oct 8, 2020 at 10:59 AM Maxim Solodovnik < > solomax...@gmail.com > >>>> wrote: > >>>> > >>>>> +1 > >>>>> > >>>>> all my tests are passed :) > >>>>> > >>>>> On Thu, 8 Oct 2020 at 00:46, Andrea Del Bene <an.delb...@gmail.com> > >>>> wrote: > >>>>>> This is a vote to release Apache Wicket 9.1.0 > >>>>>> > >>>>>> Please download the source distributions found in our staging area > >>>>>> linked below. > >>>>>> > >>>>>> I have included the signatures for both the source archives. This > >>> vote > >>>>>> lasts for 72 hours minimum. > >>>>>> > >>>>>> [ ] Yes, release Apache Wicket 9.1.0 > >>>>>> [ ] No, don't release Apache Wicket 9.1.0, because ... > >>>>>> > >>>>>> Distributions, changelog, keys and signatures can be found at: > >>>>>> > >>>>>> https://dist.apache.org/repos/dist/dev/wicket/9.1.0 > >>>>>> > >>>>>> Staging repository: > >>>>>> > >>>>>> > >> > https://repository.apache.org/content/repositories/orgapachewicket-1155/ > >>>>>> The binaries are available in the above link, as are a staging > >>>>>> repository for Maven. Typically the vote is on the source, but > >> should > >>>>>> you find a problem with one of the binaries, please let me know, I > >>> can > >>>>>> re-roll them some way or the other. > >>>>>> > >>>>>> Staging git repository data: > >>>>>> > >>>>>> Repository: g...@github.com:bitstorm/wicket.git > >>>>>> Branch: build/wicket-9.1.0 > >>>>>> Release tag: rel/wicket-9.1.0 > >>>>>> > >>>>>> > >>>>>> > >> ======================================================================== > >>>>>> The signatures for the source release artefacts: > >>>>>> > >>>>>> > >>>>>> Signature for apache-wicket-9.1.0.zip: > >>>>>> > >>>>>> -----BEGIN PGP SIGNATURE----- > >>>>>> > >>>>>> iQIzBAABCgAdFiEE0a6YZHC1pJw+aieyh48B+qjTVuEFAl99/FsACgkQh48B+qjT > >>>>>> VuE0kQ//TmQc53B9FrAgSWV8BKFAtxzjAhQiFilWp1/5vLyLZFUYAraQ6DMoH2GR > >>>>>> s2JMcbZJGmjplwG2Yy6LGXEksFV9wBTnEA4RGREV06K6ihx7Qm2zjgunZZSswZIr > >>>>>> MuLQYMnrXmAM2Qs071b17a5k2Gkw1+CST51KwOUD7u5l7UZOvUcXRL1xTBemOZ9s > >>>>>> RMbcbnjesxct3W2ASkGvULE7oHpBXrrDRHbv4mRFjWsSOjoasXJNtKJoUcoVtBnz > >>>>>> xwMlN/dZTEJLlj7uG2jW5mqFj+vfWP01UE+XR2HlJmW54puErcGE4+/haAJdvlwe > >>>>>> +rP2XNwAAD5rp3jIcpHerBOt7pruWEDhOwaydm0jJvsPh82SibKCmhnlJlxpdJE3 > >>>>>> udvMKvU/zcASLHOHZ33wF/JSvO9kCI4LHCEJfYICcNpTktpzNUrhMQkXOVTj3pGS > >>>>>> vcFB6/rFWWHxaxtUZKJTCb2tcCN5LMIr1Thcyb5BUCC2ZN8PqNSjI9L6EtzG7Jyd > >>>>>> PnkJiJayn6VUVr6WTP+UEVlqPvDTqg/yuhquQmYjz1uYPQS8lL5WpHUvQnmtiJ2S > >>>>>> yAeHNJm+pJRxDgs9CIAhAToTM38y09Y/aM2T5R+iOI6u/tLovFWBS8YxUYkUdPHP > >>>>>> /9YOBXan7Q1XqBz8W6nfsvrvtbZYhYfU0FOsxcgHK9pGbkxPWnA= > >>>>>> =0JCC > >>>>>> -----END PGP SIGNATURE----- > >>>>>> > >>>>>> Signature for apache-wicket-9.1.0.tar.gz: > >>>>>> > >>>>>> -----BEGIN PGP SIGNATURE----- > >>>>>> > >>>>>> iQIzBAABCgAdFiEE0a6YZHC1pJw+aieyh48B+qjTVuEFAl99/FsACgkQh48B+qjT > >>>>>> VuE4vQ//ZAhCOuedc/LCKKTQU/uE/nF+i9PcCS/SsFVJbvoCzyVSoSQwQCYbM+E4 > >>>>>> kd8YYr8CG1PNpKMyxsNuBEG9ttR8ZCDfEKIVD727y2vLk9L5SefY6/dRanLO/cc0 > >>>>>> 1rGYwtMfJby//P/pXdjeG6Qta3FHb2AcZtIyzPTFFciIuebccUsM48UDU6HT3weN > >>>>>> aKwgr5uUQVInVRV7pEGC0ziRMRkyYRStBLZNioR2BjCV7IxnWdeWTjapD9kAiY5H > >>>>>> 2d1J0ItW/4mtohKWiem4JPX1HTf+U2d02qTq2i5ykDKfytoMUvFlIuP0kl7J5K/t > >>>>>> NdfOzgcmMgZa+wjy0z46TEEdq63JdRu3Cpy3wkkTy9GF2+6UJdXQ1z9dbGbmNkTy > >>>>>> 0WZWGf85s8rekJVwt66TUih6Mlcl1Fb57zOYndrkb/AHB1ehF90JIf/DqLdplfbS > >>>>>> fFinL9Q7myeM2GM3uivmR6TF2ZvtCbGfiWQ4DKLTIXJYDsqxTDSDrroxk3j/P64h > >>>>>> 1havxw/X45FZsMaoMX7xdVO5drK65LSLpea0OpkHPWr9x0OetI4iQssxpUcoAXj0 > >>>>>> OPPZ66Luci/Au9rodmP7bW5X5ttlXxSjkvLRgk2GibD3NpcJHrHLF1UWeDwH5XIJ > >>>>>> Bsuw7X2vIgtzu2GCLHoudgGp9yQYXuxI5adnrC9Lyg+BeEQhc+U= > >>>>>> =rzeT > >>>>>> -----END PGP SIGNATURE----- > >>>>>> > >>>>>> > >> ======================================================================== > >>>>>> CHANGELOG for 9.1.0: > >>>>>> > >>>>>> ** Bug > >>>>>> > >>>>>> * [WICKET-6702] - AsynchronousPageStore with > >>>>>> NotDetachedModelChecker - "Not detached model found" exception on > >>>>>> several fast sequential Ajax calls > >>>>>> * [WICKET-6802] - FilePageStore writing to > >>>>>> UserDefinedFileAttributeView might be null > >>>>>> * [WICKET-6803] - wicket-objectsizeof-agent has no valid > >>>> automatic > >>>>>> module name > >>>>>> * [WICKET-6806] - CSP header response decorator breaks > >>>>>> JavaScriptFilteredIntoFooterHeaderResponse > >>>>>> * [WICKET-6808] - Cannot add page to AjaxRequestTarget > >>>>>> * [WICKET-6810] - Asynchronous+encrypted pagestore leads to > >>>>>> WicketRuntimeException > >>>>>> * [WICKET-6813] - Setting child-src does not update frame-src > >>>> after > >>>>>> initial assignment > >>>>>> * [WICKET-6818] - NPE in WicketEndpoint onClose > >>>>>> * [WICKET-6822] - AsynchronousPageStore Potential Memory Leak > >>>>>> * [WICKET-6825] - wicket-ioc 9.0.0 throws IAE with JDK14, > >> still > >>>>>> includes outdated ASM 7.1.0 in cglib-nodep > >>>>>> * [WICKET-6837] - Jupiter engine transitively included in war > >>> file > >>>>>> ** New Feature > >>>>>> > >>>>>> * [WICKET-6805] - Add Cross-Origin Opener Policy and > >>> Cross-Origin > >>>>>> Embedder Policy support > >>>>>> > >>>>>> ** Improvement > >>>>>> > >>>>>> * [WICKET-6786] - CsrfPreventionRequestCycleListener should > >>>> support > >>>>>> Fetch Metadata Request Headers > >>>>>> * [WICKET-6807] - Fake Submitting Button > >>>>>> * [WICKET-6821] - Completely disable CSP support > >>>>>> * [WICKET-6824] - Use concatenation instead of String.format > >> for > >>>>>> frequently called methods > >>>>>> * [WICKET-6826] - Improve performance and reduce allocations > >> for > >>>>>> Behaviors > >>>>>> * [WICKET-6827] - Improve performance of Strings.join and > >>>>>> Strings.replaceAll > >>>>>> * [WICKET-6828] - Wrong tree branch icon with hidden children > >>>>>> * [WICKET-6829] - Use String.isEmpty() instead of > >> "".equals(...) > >>>>>> * [WICKET-6830] - Convert Behaviors into a static utility > >> class > >>> to > >>>>>> reduce allocations > >>>>>> * [WICKET-6831] - Try to flush the response before detach > >>>>>> * [WICKET-6833] - Reduce allocations when merging page > >>> parameters > >>>>>> * [WICKET-6835] - Improve performance of > >>>>> AbstractMapper.getPlaceholder > >>>>>> * [WICKET-6838] - Improve performance of Strings.split > >>>>>> > >>>>>> > >>>>> -- > >>>>> Best regards, > >>>>> Maxim > >>>>> > >>>> > >>>> -- > >>>> Andrea Del Bene. > >>>> Apache Wicket committer. > >>>> > >> > >> -- > >> Andrea Del Bene. > >> Apache Wicket committer. > >> >