[jira] [Commented] (MJAVADOC-528) Invalid 'expires' attribute

ASF GitHub Bot (Jira) Tue, 15 Aug 2023 00:36:06 -0700


    [ 
https://issues.apache.org/jira/browse/MJAVADOC-528?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17754468#comment-17754468
 ]


ASF GitHub Bot commented on MJAVADOC-528:
-----------------------------------------

dependabot[bot] opened a new pull request, #141:
URL: https://github.com/apache/maven-javadoc-plugin/pull/141

   Bumps [gson](https://github.com/google/gson) from 2.5 to 2.8.9.
   <details>
   <summary>Release notes</summary>
   <p><em>Sourced from <a href="https://github.com/google/gson/releases";>gson's 
releases</a>.</em></p>
   <blockquote>
   <h2>Gson 2.8.9</h2>
   <ul>
   <li>Make OSGi bundle's dependency on <code>sun.misc</code> optional (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1993";>#1993</a>).</li>
   <li>Deprecate <code>Gson.excluder()</code> exposing internal 
<code>Excluder</code> class (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1986";>#1986</a>).</li>
   <li>Prevent Java deserialization of internal classes (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1991";>#1991</a>).</li>
   <li>Improve number strategy implementation (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1987";>#1987</a>).</li>
   <li>Fix LongSerializationPolicy null handling being inconsistent with Gson 
(<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1990";>#1990</a>).</li>
   <li>Support arbitrary Number implementation for Object and Number 
deserialization (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1290";>#1290</a>).</li>
   <li>Bump proguard-maven-plugin from 2.4.0 to 2.5.1 (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1980";>#1980</a>).</li>
   <li>Don't exclude static local classes (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1969";>#1969</a>).</li>
   <li>Fix <code>RuntimeTypeAdapterFactory</code> depending on internal 
<code>Streams</code> class (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1959";>#1959</a>).</li>
   <li>Improve Maven build (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1964";>#1964</a>).</li>
   <li>Make dependency on <code>java.sql</code> optional (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1707";>#1707</a>).</li>
   </ul>
   <h2>Gson 2.8.8</h2>
   <ul>
   <li>Fixed issue with recursive types (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1390";>#1390</a>).</li>
   <li>Better behaviour with Java 9+ and <code>Unsafe</code> if there is a 
security manager (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1712";>#1712</a>).</li>
   <li><code>EnumTypeAdapter</code> now works better when ProGuard has 
obfuscated enum fields (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1495";>#1495</a>).</li>
   </ul>
   </blockquote>
   </details>
   <details>
   <summary>Changelog</summary>
   <p><em>Sourced from <a 
href="https://github.com/google/gson/blob/master/CHANGELOG.md";>gson's 
changelog</a>.</em></p>
   <blockquote>
   <h2>Version 2.8.9</h2>
   <ul>
   <li>Make OSGi bundle's dependency on <code>sun.misc</code> optional (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1993";>#1993</a>).</li>
   <li>Deprecate <code>Gson.excluder()</code> exposing internal 
<code>Excluder</code> class (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1986";>#1986</a>).</li>
   <li>Prevent Java deserialization of internal classes (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1991";>#1991</a>).</li>
   <li>Improve number strategy implementation (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1987";>#1987</a>).</li>
   <li>Fix LongSerializationPolicy null handling being inconsistent with Gson 
(<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1990";>#1990</a>).</li>
   <li>Support arbitrary Number implementation for Object and Number 
deserialization (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1290";>#1290</a>).</li>
   <li>Bump proguard-maven-plugin from 2.4.0 to 2.5.1 (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1980";>#1980</a>).</li>
   <li>Don't exclude static local classes (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1969";>#1969</a>).</li>
   <li>Fix <code>RuntimeTypeAdapterFactory</code> depending on internal 
<code>Streams</code> class (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1959";>#1959</a>).</li>
   <li>Improve Maven build (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1964";>#1964</a>).</li>
   <li>Make dependency on <code>java.sql</code> optional (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1707";>#1707</a>).</li>
   </ul>
   <h2>Version 2.8.8</h2>
   <ul>
   <li>Fixed issue with recursive types (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1390";>#1390</a>).</li>
   <li>Better behaviour with Java 9+ and <code>Unsafe</code> if there is a 
security manager (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1712";>#1712</a>).</li>
   <li><code>EnumTypeAdapter</code> now works better when ProGuard has 
obfuscated enum fields (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1495";>#1495</a>).</li>
   </ul>
   <h2>Version 2.8.7</h2>
   <ul>
   <li>Fixed <code>ISO8601UtilsTest</code> failing on systems with UTC+X.</li>
   <li>Improved javadoc for <code>JsonStreamParser</code>.</li>
   <li>Updated proguard.cfg (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1693";>#1693</a>).</li>
   <li>Fixed <code>IllegalStateException</code> in <code>JsonTreeWriter</code> 
(<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1592";>#1592</a>).</li>
   <li>Added <code>JsonArray.isEmpty()</code> (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1640";>#1640</a>).</li>
   <li>Added new test cases (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1638";>#1638</a>).</li>
   <li>Fixed OSGi metadata generation to work on JavaSE &lt; 9 (<a 
href="https://github-redirect.dependabot.com/google/gson/issues/1603";>#1603</a>).</li>
   </ul>
   <h2>Version 2.8.6</h2>
   <p><em>2019-10-04</em>  <a 
href="https://github.com/google/gson/compare/gson-parent-2.8.5...gson-parent-2.8.6";>GitHub
 Diff</a></p>
   <ul>
   <li>Added static methods <code>JsonParser.parseString</code> and 
<code>JsonParser.parseReader</code> and deprecated instance method 
<code>JsonParser.parse</code></li>
   <li>Java 9 module-info support</li>
   </ul>
   <h2>Version 2.8.5</h2>
   <p><em>2018-05-21</em>  <a 
href="https://github.com/google/gson/compare/gson-parent-2.8.4...gson-parent-2.8.5";>GitHub
 Diff</a></p>
   <ul>
   <li>Print Gson version while throwing AssertionError and 
IllegalArgumentException</li>
   <li>Moved <code>utils.VersionUtils</code> class to 
<code>internal.JavaVersion</code>. This is a potential backward incompatible 
change from 2.8.4</li>
   <li>Fixed issue <a 
href="https://github-redirect.dependabot.com/google/gson/issues/1310";>google/gson#1310</a>
 by supporting Debian Java 9</li>
   </ul>
   <h2>Version 2.8.4</h2>
   <p><em>2018-05-01</em>  <a 
href="https://github.com/google/gson/compare/gson-parent-2.8.3...gson-parent-2.8.4";>GitHub
 Diff</a></p>
   <ul>
   <li>Added a new FieldNamingPolicy, <code>LOWER_CASE_WITH_DOTS</code> that 
mapps JSON name <code>someFieldName</code> to <code>some.field.name</code></li>
   <li>Fixed issue <a 
href="https://github-redirect.dependabot.com/google/gson/issues/1305";>google/gson#1305</a>
 by removing compile/runtime dependency on <code>sun.misc.Unsafe</code></li>
   </ul>
   <h2>Version 2.8.3</h2>
   <p><em>2018-04-27</em>  <a 
href="https://github.com/google/gson/compare/gson-parent-2.8.2...gson-parent-2.8.3";>GitHub
 Diff</a></p>
   <ul>
   <li>Added a new API, <code>GsonBuilder.newBuilder()</code> that clones the 
current builder</li>
   <li>Preserving DateFormatter behavior on JDK 9</li>
   </ul>
   <!

> Invalid 'expires' attribute
> ---------------------------
>
>                 Key: MJAVADOC-528
>                 URL: https://issues.apache.org/jira/browse/MJAVADOC-528
>             Project: Maven Javadoc Plugin
>          Issue Type: Bug
>          Components: javadoc
>    Affects Versions: 3.0.1
>            Reporter: Roberto Benedetti
>            Assignee: Guillaume Boué
>            Priority: Major
>              Labels: detectLinks
>             Fix For: 3.1.0
>
>         Attachments: cookie.patch
>
>
> When detectLinks is enabled and the plugin checks if the url is valid, 
> warnings like this
> {code:java}
> Invalid cookie header: "Set-Cookie: logged_in=no; domain=.github.com; path=/; 
> expires=Sun, 06 Jun 2038 14:02:43 -0000; secure; HttpOnly". Invalid 'expires' 
> attribute: Sun, 06 Jun 2038 14:02:43 -0000
> {code}
> may appear.
> Previous warning was due to {{com.google.code.gson:gson:jar:2.5}} dependency 
> and is raised by HttpClient which does not expect 'expires' values compliant 
> to RFC 6265.
>  The attachment is a patch which makes HttpClient ignore cookies. Maybe a 
> better solution would be upgrading to the latest HttpComponents API which 
> supports RFC 6265.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (MJAVADOC-528) Invalid 'expires' attribute

Reply via email to