ChristopherSchultz commented on code in PR #721:
URL: https://github.com/apache/tomcat/pull/721#discussion_r1572455403
##
java/org/apache/catalina/valves/AbstractAccessLogValve.java:
##
@@ -1756,10 +1776,14 @@ protected AccessLogElement
createAccessLogElement(String name, char
ChristopherSchultz commented on code in PR #721:
URL: https://github.com/apache/tomcat/pull/721#discussion_r1572451843
##
java/org/apache/catalina/valves/AbstractAccessLogValve.java:
##
@@ -1756,10 +1776,14 @@ protected AccessLogElement
createAccessLogElement(String name, char
MartinLei opened a new pull request, #722:
URL: https://github.com/apache/tomcat/pull/722
Using the Tomcat-JDBC library inside a Spring Native project causes the
compilation step of a GraalVM native image to crash with the given error.
> Exception in thread "main"
jose-galvez commented on PR #720:
URL: https://github.com/apache/tomcat/pull/720#issuecomment-2066644940
I like it!! Definitely way better than my change which now seems like a bad
hack 藍 I can close this PR in favor of yours
--
This is an automated message from the Apache Git
jose-galvez closed pull request #720: Re-adding support for fractional seconds
in access log
URL: https://github.com/apache/tomcat/pull/720
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the
markt-asf commented on code in PR #721:
URL: https://github.com/apache/tomcat/pull/721#discussion_r1572301203
##
java/org/apache/catalina/valves/AbstractAccessLogValve.java:
##
@@ -1756,10 +1776,14 @@ protected AccessLogElement
createAccessLogElement(String name, char pattern)
ChristopherSchultz commented on PR #720:
URL: https://github.com/apache/tomcat/pull/720#issuecomment-2066468644
Please have a look at a different PR which builds on some refactoring I just
pushed: https://github.com/apache/tomcat/pull/721
I think I like mine better.
--
This is an
jose-galvez commented on PR #720:
URL: https://github.com/apache/tomcat/pull/720#issuecomment-2064310044
> Are you specifically talking about the ExtendedAccessLogValve's
`time-taken` token? If so, you're right, that documentation did not change yet
the underlying implementation did
ChristopherSchultz commented on PR #720:
URL: https://github.com/apache/tomcat/pull/720#issuecomment-2063868914
Oh, I'm' sorry I didn't pick-up on the subtleties of your report.
Tomcat 10.1 is documented that the value for `%T` is in (presumably _whole_)
seconds. Tomcat 9 says it's
jose-galvez commented on PR #720:
URL: https://github.com/apache/tomcat/pull/720#issuecomment-2063746801
It can, but in this case the documentation states that it didn't so I was
trying to bring it back to how it behaved before (which as an added bonus helps
us not change our scripts).
ChristopherSchultz commented on PR #720:
URL: https://github.com/apache/tomcat/pull/720#issuecomment-2063733345
So nothing can ever change, then?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go
jose-galvez commented on PR #720:
URL: https://github.com/apache/tomcat/pull/720#issuecomment-2061838297
> Why not use `%D` which is in milliseconds (Tomcat <10) or microseconds
(Tomcat >= 10)?
I wanted to keep parity on the behavior here with previous versions,
especially because
jose-galvez commented on PR #720:
URL: https://github.com/apache/tomcat/pull/720#issuecomment-2061821679
> From memory that change was to align Tomcat's access log configuration
with httpd. It may well be that the correct fix here is to correct the
documentation. Separately, comparing this
ChristopherSchultz commented on PR #720:
URL: https://github.com/apache/tomcat/pull/720#issuecomment-2061771435
Why not use `%D` which is in milliseconds (Tomcat <10) or microseconds
(Tomcat >= 10)?
--
This is an automated message from the Apache Git Service.
To respond to the message,
markt-asf commented on PR #720:
URL: https://github.com/apache/tomcat/pull/720#issuecomment-2061540617
From memory that change was to align Tomcat's access log configuration with
httpd. It may well be that the correct fix here is to correct the documentation.
Separately, comparing this
jose-galvez opened a new pull request, #720:
URL: https://github.com/apache/tomcat/pull/720
commit
[a8575ef](https://github.com/apache/tomcat/commit/a8575efbc1de64fe58c8fd99e53a0011b59a8e86)
removed support for seconds with floating point for the Extended Access Log
Valve and made it only
ilapavuluri opened a new issue, #55:
URL: https://github.com/apache/tomcat-jakartaee-migration/issues/55
I am using tomcat transformer for javax to jakarta conversion, in the
similar lines I converted my activemq-all 5.16.7 into jakarta using the same
tomcat transformer, no errors during
qauck opened a new pull request, #719:
URL: https://github.com/apache/tomcat/pull/719
These attributes no longer existing in corresponding
org.apache.tomcat.util.net.NioEndpoint, which will cause
java.lang.NoSuchMethodException at run time.
--
This is an automated message from the
rmaucher commented on PR #713:
URL: https://github.com/apache/tomcat/pull/713#issuecomment-2051302240
Thanks for pointing this out. Since tracking too many redundant stats is not
super useful, I decided to remove this one (it is now approximated by adding
the active sessions to the expired
rmaucher closed pull request #713: Sessioncounter
URL: https://github.com/apache/tomcat/pull/713
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
aooohan commented on PR #718:
URL: https://github.com/apache/tomcat/pull/718#issuecomment-2050851432
Tomcat 7 is end of life since March 2021, so we won't merge this change,
thanks.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to
aooohan closed pull request #718: fix CVE-2024-23672
URL: https://github.com/apache/tomcat/pull/718
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
hazendaz commented on PR #718:
URL: https://github.com/apache/tomcat/pull/718#issuecomment-2050846843
Not speaking for team but as onlooker, Tomcat 7 is end of life since March
2021. There are no further updates. So it wouldn't make sense to patch it.
It wouldn't be released anyways.
achibear opened a new pull request, #718:
URL: https://github.com/apache/tomcat/pull/718
Tomcat 8 fixed the CVE-2024-23672 vulnerability through commit
[3631adb1](https://github.com/apache/tomcat/commit/3631adb1342d8bbd8598802a12b63ad02c37d591).
However, we have discovered similar
dependabot[bot] closed pull request #715: Bump org.apache.tomcat:tomcat-coyote
from 11.0.0-M14 to 11.0.0-M17 in /modules/openssl-foreign
URL: https://github.com/apache/tomcat/pull/715
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to
dependabot[bot] commented on PR #717:
URL: https://github.com/apache/tomcat/pull/717#issuecomment-2050326077
Looks like org.apache.tomcat:tomcat-coyote is up-to-date now, so this is no
longer needed.
--
This is an automated message from the Apache Git Service.
To respond to the message,
dependabot[bot] closed pull request #716: Bump org.apache.tomcat:tomcat-coyote
from 9.0.83 to 9.0.86 in /modules/openssl-java21
URL: https://github.com/apache/tomcat/pull/716
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and
dependabot[bot] commented on PR #716:
URL: https://github.com/apache/tomcat/pull/716#issuecomment-2050326279
Looks like org.apache.tomcat:tomcat-coyote is up-to-date now, so this is no
longer needed.
--
This is an automated message from the Apache Git Service.
To respond to the message,
dependabot[bot] commented on PR #715:
URL: https://github.com/apache/tomcat/pull/715#issuecomment-2050326108
Looks like org.apache.tomcat:tomcat-coyote is up-to-date now, so this is no
longer needed.
--
This is an automated message from the Apache Git Service.
To respond to the message,
dependabot[bot] closed pull request #717: Bump org.apache.tomcat:tomcat-coyote
from 9.0.83 to 9.0.86 in /modules/openssl-java17
URL: https://github.com/apache/tomcat/pull/717
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and
dependabot[bot] closed pull request #714: Bump
org.apache.tomcat:tomcat-websocket from 11.0.0-M16 to 11.0.0-M17 in
/modules/stuffed
URL: https://github.com/apache/tomcat/pull/714
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub
dependabot[bot] commented on PR #714:
URL: https://github.com/apache/tomcat/pull/714#issuecomment-2050326037
Looks like org.apache.tomcat:tomcat-websocket is up-to-date now, so this is
no longer needed.
--
This is an automated message from the Apache Git Service.
To respond to the
dependabot[bot] opened a new pull request, #717:
URL: https://github.com/apache/tomcat/pull/717
Bumps org.apache.tomcat:tomcat-coyote from 9.0.83 to 9.0.86.
[![Dependabot compatibility
dependabot[bot] opened a new pull request, #716:
URL: https://github.com/apache/tomcat/pull/716
Bumps org.apache.tomcat:tomcat-coyote from 9.0.83 to 9.0.86.
[![Dependabot compatibility
dependabot[bot] opened a new pull request, #715:
URL: https://github.com/apache/tomcat/pull/715
Bumps org.apache.tomcat:tomcat-coyote from 11.0.0-M14 to 11.0.0-M17.
[![Dependabot compatibility
dependabot[bot] opened a new pull request, #714:
URL: https://github.com/apache/tomcat/pull/714
Bumps org.apache.tomcat:tomcat-websocket from 11.0.0-M16 to 11.0.0-M17.
[![Dependabot compatibility
rmaucher commented on PR #706:
URL: https://github.com/apache/tomcat/pull/706#issuecomment-2049169784
I had left the PR open since others could have been willing to go through
with it (or not, I don't know).
--
This is an automated message from the Apache Git Service.
To respond to the
Hakky54 commented on PR #706:
URL: https://github.com/apache/tomcat/pull/706#issuecomment-2049130432
Ah so your feeling is that this also might cause some regression while this
wrapper does not add that much value to the project itself. I can understand
that. Okay, thank you for your time
Hakky54 closed pull request #706: Simplify usage of custom ssl configuration
URL: https://github.com/apache/tomcat/pull/706
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To
rmaucher commented on PR #706:
URL: https://github.com/apache/tomcat/pull/706#issuecomment-2049093782
Your previous PR, which was integrated, unfortunately caused a very high
number of regressions that had to be fixed over multiple Tomcat releases. This
PR similarly seems uninteresting to
Hakky54 commented on PR #706:
URL: https://github.com/apache/tomcat/pull/706#issuecomment-2049034933
Hi @markt-asf
What do you think of this PR, would it make sense to have this kind of
wrapper, or does it needs to be adjusted or would you like me to close it and
disregard it?
rmaucher commented on PR #713:
URL: https://github.com/apache/tomcat/pull/713#issuecomment-2042934315
I think this field should simply be dropped in Tomcat 11, it's redundant
with the others. Shouldn't it be expired + active ? For the other branches I
would deprecate the field.
--
This
pangxianhai commented on PR #713:
URL: https://github.com/apache/tomcat/pull/713#issuecomment-2041713809
> Is this fixing an observed issue or a theoretical one?
observed issue. On the monitoring platform, we found that the sessionCounter
is less than the expiredSessions. The
markt-asf commented on PR #713:
URL: https://github.com/apache/tomcat/pull/713#issuecomment-2041577898
Is this fixing an observed issue or a theoretical one?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL
pangxianhai opened a new pull request, #713:
URL: https://github.com/apache/tomcat/pull/713
sessionCounter change to AtomicLong. Avoid inaccurate counting in concurrent
situations
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to
ChristopherSchultz commented on PR #712:
URL: https://github.com/apache/tomcat/pull/712#issuecomment-2032266991
Thank you for this PR, though I was already working on a patch and the unit
tests pass, so I'm going to commit my patch instead of yours. I will credit you
for the idea in the
ChristopherSchultz closed pull request #712: Changed simple synchronization to
ReentrantReadWriteLock
URL: https://github.com/apache/tomcat/pull/712
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to
songxiaosheng commented on PR #708:
URL: https://github.com/apache/tomcat/pull/708#issuecomment-2031977951
> Anyone who wants this should lobby the Jakarta Servlet Experts Group. It's
the only way this is likely to get into Tomcat.
Thank you. I feel it's worth a try
--
This is an
LupusMKW opened a new pull request, #712:
URL: https://github.com/apache/tomcat/pull/712
Due to
https://github.com/apache/tomcat/commit/4f33be682fda02a616baa0fd9b4965d248cfe1c1
our application does no longer work.
The commit improved the situation with respect to concurrent
ChristopherSchultz commented on PR #708:
URL: https://github.com/apache/tomcat/pull/708#issuecomment-2031945781
Anyone who wants this should lobby the Jakarta Servlet Experts Group. It's
the only way this is likely to get into Tomcat.
--
This is an automated message from the Apache Git
songxiaosheng commented on PR #708:
URL: https://github.com/apache/tomcat/pull/708#issuecomment-2031336540
> https://bz.apache.org/bugzilla/show_bug.cgi?id=57129
From the user's perspective, there is a greater risk in the uncertainty of
not sorting. Previous discussions did not seem
Leon-Schwandt opened a new pull request, #709:
URL: https://github.com/apache/tomcat/pull/709
Enables the USE_TLS_RESPONSE message to be changed at a global level. A
possible use case would be a redirect to HTTPS
--
This is an automated message from the Apache Git Service.
To respond to
markt-asf closed pull request #708: Sort the resource list,Ensure consistency
in the order of loading res…
URL: https://github.com/apache/tomcat/pull/708
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to
markt-asf commented on PR #708:
URL: https://github.com/apache/tomcat/pull/708#issuecomment-2006814096
Closing see https://bz.apache.org/bugzilla/show_bug.cgi?id=57129 for the
reasons.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on
zxm1234 opened a new pull request, #708:
URL: https://github.com/apache/tomcat/pull/708
…ources.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
ChristopherSchultz commented on PR #707:
URL: https://github.com/apache/tomcat/pull/707#issuecomment-2003805644
> Ok, so add back the protected static methods in 10.1, just in case.
Sounds good.
--
This is an automated message from the Apache Git Service.
To respond to the message,
rmaucher commented on PR #707:
URL: https://github.com/apache/tomcat/pull/707#issuecomment-2002509259
Ok, so add back the protected static methods in 10.1, just in case.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use
ChristopherSchultz commented on PR #707:
URL: https://github.com/apache/tomcat/pull/707#issuecomment-2002496427
Hmm... I've merged this PR but it occurs to me that maybe I should have
deprecated all those methods instead of removing them.
Thoughts?
--
This is an automated message
ChristopherSchultz merged PR #707:
URL: https://github.com/apache/tomcat/pull/707
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
ChristopherSchultz commented on code in PR #707:
URL: https://github.com/apache/tomcat/pull/707#discussion_r1527524948
##
java/org/apache/catalina/realm/JNDIRealm.java:
##
@@ -966,7 +967,7 @@ private String[] getCipherSuitesArray() {
liudongmiao closed pull request #32: support tomcat 8.5
URL: https://github.com/apache/tomcat-maven-plugin/pull/32
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To
markt-asf commented on code in PR #707:
URL: https://github.com/apache/tomcat/pull/707#discussion_r1526610303
##
java/org/apache/catalina/realm/JNDIRealm.java:
##
@@ -966,7 +967,7 @@ private String[] getCipherSuitesArray() {
ChristopherSchultz opened a new pull request, #707:
URL: https://github.com/apache/tomcat/pull/707
There was repeated code in various places in the source tree to spit simple
comma-separated strings using the regular expression pattern `\s*,\s*`. This PR
gathers those together into a
Hakky54 opened a new pull request, #706:
URL: https://github.com/apache/tomcat/pull/706
This PR is a followup of the following earlier PR
https://github.com/apache/tomcat/pull/673 Although that pull request didn't get
merged, the code changes has been comitted to the main branch by the
markt-asf commented on PR #701:
URL: https://github.com/apache/tomcat/pull/701#issuecomment-1984155698
The proposed change removes the explanatory comments. They need to be kept
so future maintainers can easily understand why the test is skipped for OS/400.
--
This is an automated
markt-asf merged PR #699:
URL: https://github.com/apache/tomcat/pull/699
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
anujdevopslearn closed pull request #705: Update MERGE.txt
URL: https://github.com/apache/tomcat/pull/705
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe,
rmaucher closed pull request #704: remove unnecessary code in
InputBuffer.available()
URL: https://github.com/apache/tomcat/pull/704
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific
rmaucher commented on PR #704:
URL: https://github.com/apache/tomcat/pull/704#issuecomment-1972669485
Thanks, but it looks equivalent to me.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the
rmaucher merged PR #703:
URL: https://github.com/apache/tomcat/pull/703
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
RealTake opened a new pull request, #703:
URL: https://github.com/apache/tomcat/pull/703
Hello I was checking the code regarding the "Content-length" of the response
and found it.
In my opinion, it is because I decided that it is unnecessary to double
check !coyoteResponse.isCommitted()
rmaucher closed pull request #702: Avoid performance issues that may arise when
the array is large.
URL: https://github.com/apache/tomcat/pull/702
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to
rmaucher commented on PR #702:
URL: https://github.com/apache/tomcat/pull/702#issuecomment-1969224578
I added some optimizations, still based on the array. If you investigate
something, then fully using a LinkedHashSet would likely be better than HashSet
+ array. Please provide actual
markt-asf commented on PR #700:
URL: https://github.com/apache/tomcat/pull/700#issuecomment-1969192558
I'm closing this as I have come up with a better plan that makes slightly
better uses of the existing facades to trigger some NPEs when this happens.
--
This is an automated message
markt-asf closed pull request #700: Attempt to protect against asynchronous
thread safety violations
URL: https://github.com/apache/tomcat/pull/700
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to
rmaucher commented on PR #702:
URL: https://github.com/apache/tomcat/pull/702#issuecomment-1968755182
I think FilterDef getAsyncSupported can be optimized. But I'm not super
convinced by the rest. Where is the inflection point ?
--
This is an automated message from the Apache Git
CloudWise-Lukemiao opened a new pull request, #701:
URL: https://github.com/apache/tomcat/pull/701
Code optimization removed the null eval statement code if os400 is true in
the script
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on
rmaucher commented on PR #700:
URL: https://github.com/apache/tomcat/pull/700#issuecomment-1964203702
I feel ok with this sort of thread safety additions [there could be a lot !]
if they have a system property to enable them. Then it becomes useful as a way
to detect problems, although I
markt-asf commented on PR #699:
URL: https://github.com/apache/tomcat/pull/699#issuecomment-1964191235
@ChristopherSchultz I don't think so. We'd see test failures if that were
the case.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log
markt-asf commented on PR #700:
URL: https://github.com/apache/tomcat/pull/700#issuecomment-1964174647
Fair point.
The complicating factor is that there are so many entry points that a
non-container thread could use. A complete solution would need to, effectively,
wrap the
ChristopherSchultz commented on PR #699:
URL: https://github.com/apache/tomcat/pull/699#issuecomment-1964139328
@markt-asf Any chance this was a copy/paste error that should be corrected
in a different way (e.g. there is actually a missing cipher)?
--
This is an automated message from
rmaucher commented on PR #700:
URL: https://github.com/apache/tomcat/pull/700#issuecomment-1964127701
Anywhere else can also be similarly synced, then. I don't think it is a good
idea to insert random thread safety safeguards in addition to what the
specification mandates. Time for a
markt-asf opened a new pull request, #700:
URL: https://github.com/apache/tomcat/pull/700
Providing this as a PR as it isn't strictly a Tomcat bug or Tomcat's problem
to solve. That said, we do see some asynchronous bug reports and this might
help highlight application issues early and
dsoumis opened a new pull request, #699:
URL: https://github.com/apache/tomcat/pull/699
(no comment)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe,
kysmith-csg opened a new pull request, #54:
URL: https://github.com/apache/tomcat-jakartaee-migration/pull/54
This PR fixes OSGI manifest processing. As it is now, this tool creates
invalid manifest headers. My changes fix two problems that I saw while trying
to use this:
1.
codecov-commenter commented on PR #53:
URL:
https://github.com/apache/tomcat-jakartaee-migration/pull/53#issuecomment-1955490302
##
dependabot[bot] opened a new pull request, #53:
URL: https://github.com/apache/tomcat-jakartaee-migration/pull/53
Bumps org.apache.commons:commons-compress from 1.25.0 to 1.26.0.
[