Hi,
I tried to upgrade to Struts 6.0.0 but now I got the following error. I
have no idea yet what the problem is:
2022-06-07 13:08:29,153 ERROR [io.undertow.request] (default task-1/)
UT005071: Undertow request failed HttpServerExchange{ GET
/WEB-INF/error.html}: java.lang.NoClassDefFoundError:
Lorg/apache/commons/text/StringSubstitutor;
at java.base/java.lang.Class.getDeclaredFields0(Native Method)
at java.base/java.lang.Class.privateGetDeclaredFields(Class.java:3061)
at java.base/java.lang.Class.getDeclaredFields(Class.java:2248)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerImpl.addInjectors(ContainerImpl.java:88)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerImpl$1.create(ContainerImpl.java:70)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerImpl$1.create(ContainerImpl.java:66)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.util.ReferenceCache$CallableCreate.call(ReferenceCache.java:155)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.util.ReferenceCache.internalCreate(ReferenceCache.java:79)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.util.ReferenceCache.get(ReferenceCache.java:123)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerImpl$ConstructorInjector.<init>(ContainerImpl.java:358)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerImpl$5.create(ContainerImpl.java:313)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerImpl$5.create(ContainerImpl.java:309)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.util.ReferenceCache$CallableCreate.call(ReferenceCache.java:155)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.util.ReferenceCache.internalCreate(ReferenceCache.java:79)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.util.ReferenceCache.get(ReferenceCache.java:123)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerImpl.getConstructor(ContainerImpl.java:601)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerBuilder$5.create(ContainerBuilder.java:251)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.Scope$2$1.create(Scope.java:53)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerBuilder$3.create(ContainerBuilder.java:118)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerBuilder$7.call(ContainerBuilder.java:616)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerBuilder$7.call(ContainerBuilder.java:613)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerImpl.callInContext(ContainerImpl.java:579)
at
deployment.webstore.ear//com.opensymphony.xwork2.inject.ContainerBuilder.create(ContainerBuilder.java:613)
at
deployment.webstore.ear//com.opensymphony.xwork2.config.impl.DefaultConfiguration.createBootstrapContainer(DefaultConfiguration.java:316)
at
deployment.webstore.ear//com.opensymphony.xwork2.config.impl.DefaultConfiguration.reloadContainer(DefaultConfiguration.java:183)
at
deployment.webstore.ear//com.opensymphony.xwork2.config.ConfigurationManager.getConfiguration(ConfigurationManager.java:65)
at
deployment.webstore.ear//org.apache.struts2.dispatcher.Dispatcher.getContainer(Dispatcher.java:1035)
at
deployment.webstore.ear//org.apache.struts2.dispatcher.Dispatcher.init_PreloadConfiguration(Dispatcher.java:516)
at
deployment.webstore.ear//org.apache.struts2.dispatcher.Dispatcher.init(Dispatcher.java:549)
at
deployment.webstore.ear//org.apache.struts2.dispatcher.InitOperations.initDispatcher(InitOperations.java:44)
at
deployment.webstore.ear//org.apache.struts2.dispatcher.filter.StrutsPrepareAndExecuteFilter.init(StrutsPrepareAndExecuteFilter.java:60)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:111)
at org.wildfly.extension.under...@7.4.4.ga-redhat-00011
//org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:84)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:97)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.core.ManagedFilter.createFilter(ManagedFilter.java:80)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.core.ManagedFilter.forceInit(ManagedFilter.java:125)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.ServletChain.forceInit(ServletChain.java:126)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:63)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at io.undertow.core@2.2.16.Final-redhat-00001
//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
at io.undertow.core@2.2.16.Final-redhat-00001
//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.core@2.2.16.Final-redhat-00001
//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:257)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.ServletInitialHandler.dispatchToPath(ServletInitialHandler.java:182)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.spec.RequestDispatcherImpl.error(RequestDispatcherImpl.java:504)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.spec.RequestDispatcherImpl.error(RequestDispatcherImpl.java:425)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:314)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:79)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:134)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:131)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.under...@7.4.4.ga-redhat-00011
//org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.under...@7.4.4.ga-redhat-00011
//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1551)
at org.wildfly.extension.under...@7.4.4.ga-redhat-00011
//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1551)
at org.wildfly.extension.under...@7.4.4.ga-redhat-00011
//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1551)
at org.wildfly.extension.under...@7.4.4.ga-redhat-00011
//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1551)
at org.wildfly.extension.under...@7.4.4.ga-redhat-00011
//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1551)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:255)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:79)
at io.undertow.servlet@2.2.16.Final-redhat-00001
//io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:100)
at io.undertow.core@2.2.16.Final-redhat-00001
//io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
at io.undertow.core@2.2.16.Final-redhat-00001
//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:852)
at org.jboss.threads@2.4.0.Final-redhat-00001
//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads@2.4.0.Final-redhat-00001
//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
at org.jboss.threads@2.4.0.Final-redhat-00001
//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at org.jboss.threads@2.4.0.Final-redhat-00001
//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at org.jboss.xnio@3.8.6.Final-redhat-00001
//org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280)
at java.base/java.lang.Thread.run(Thread.java:829)
*Caused by: java.lang.ClassNotFoundException:
org.apache.commons.text.StringSubstitutor* from [Module
"deployment.webstore.ear" from Service Module Loader]
at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:255)
at
org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:410)
at
org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:398)
at
org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:116)
... 72 more
Regards, Tamás
On Tue, Jun 7, 2022 at 10:22 AM Lukasz Lenart <lukaszlen...@apache.org>
wrote:
> The Apache Struts group is pleased to announce that Apache Struts 2
> ver. 6.0.0 is available as a "General Availability"
> release. The GA designation is our highest quality grade.
>
> **Version change**
>
> You may be surprised by the version change, previously we have been
> using Struts 2.5.x versioning schema, but this was
> a bit misleading. Struts 2 is a different framework than Struts 1 and
> its versioning is supposed to start with 1.0.0.
> Yet that never happened. With each breaking change release (like
> Struts 2.5), we had been only upgrading the MINOR
> part of the versioning schema. To fix that problem as from Struts 2
> ver. 6.0.0 (aka Struts 2.6) we adopt a proper SemVer
> to avoid such confusion.
>
> **Internal Changes**
>
> The framework requires Java 8 at runtime. Also Servlet API 3.1 capable
> container is required.
>
> OGNL expressions are limited to 256 characters by default. See
> [WW-5179] and [docs] for more details.
> https://issues.apache.org/jira/browse/WW-5179
>
> https://struts.apache.org/security/#apply-a-maximum-allowed-length-on-ognl-expressions
>
> Yasser's PR has been merged which contains a fix to double evaluation
> security vulnerability - it should solve any future
> attack vectors, yet it can impact your application if you have been
> depending on double evaluation.
>
> How to test:
> - Run all your app tests, you shouldn't see any WARN log like below:
> Expression [so-and-so] isn't allowed by pattern [so-and-so]! See
> Accepted / Excluded patterns at https://struts.apache.org/security/
> - See if following components are still functioning correctly
> regarding java-scripts:
> - forms with client side validations
> - doubleselect
> - combobox
> - Check also `StreamResult`s, `AliasInterceptor` and
> `JasperReportResult`s if they are still working as expected.
>
> Support to access static methods via OGNL expressions has been
> removed, use action instance methods instead.
>
> **Bug**
>
> - WW-3534 - PrepareOperations.createActionContext does not detect
> existing context correctly
> - WW-3730 - action tag accepts only String arrays as parameters
> - WW-4723 - s:url incompatible with JDK 1.5
> - WW-4742 - Problem with escape when the key from getText has no value
> - WW-4865 - Struts s:checkbox conversion fails to List<Integer>
> - WW-4866 - ASM 5.2 and Java 9 leads to IllegalArgumentException
> - WW-4897 - KEYS, sigs and hashes should use https (SSL)
> - WW-4902 - Struts 2 fails to init Dispatcher - Tomcat Embedded
> - WW-4928 - Setting struts.devMode from system property not working as
> described
> - WW-4930 - SMI cannot be diasabled for action-packages found via the
> convention-plugin
> - WW-4941 - [jar_cache] Some jar_cache******.tmp files are generated
> into a temporary directory(/tmp) during web service start
> - WW-4943 - opensymphony.xwork2.util.LocalizedTextUtil can't get i18n
> resources
> - WW-4944 - Struts 2 REST Tiles integration issue
> - WW-4945 - TagUtils#buildNamespace should throw an exception when
> invocation is null
> - WW-4946 - Strtus 2 spring integrations is failing - fails to init
> Dispatcher - Tomcat Embedded
> - WW-4948 - Struts 2.5.16 is creating jar_cache files in temp folder
> - WW-4951 - MD5 and SHA1 should no longer be provided on download pages
> - WW-4954 - xml-validation fails since struts 2.5.17
> - WW-4957 - Update struts version from 2.5.10 to 2.5.17.
> LocalizedTextUtil class is removed and
> GlobalLocalizedTextProvider&StrutsLocalizedTextProvider cannot be used
> instead.
> - WW-4958 - File upload fails from certain clients
> - WW-4964 - Missing javascript in form-validate.ftl
> - WW-4968 - combining s:set and s:property where the property
> retrieved is null has unexpected results
> - WW-4971 - s:include tag fails with truncated content in certain
> circumstances
> - WW-4974 - NullPointerException in
> DefaultStaticContentLoader#findStaticResource
> - WW-4977 - Fixing flaky test in Jsr168DispatcherTest and
> Jsr286DispatcherTest
> - WW-4984 - Static files like css and js files in struts-core not
> properly served
> - WW-4986 - Race condition reloading config results in actions not found
> - WW-4987 - Setting Struts2 <s:select> options Css Class
> - WW-4991 - Not existing property in listValueKey throws exception
> - WW-4997 - <s:debug> can't be resolved
> - WW-4999 - Can't get OgnlValueStack log even if enable
> logMissingProperties
> - WW-5002 - Package Level Properties in Global Results
> - WW-5004 - No more calling of a static variable in Struts 2.8.20 available
> - WW-5006 - NullPointerException in ProxyUtil class when accessing static
> member
> - WW-5009 - EmptyStackException in JSON plugin due to concurrency
> - WW-5011 - Tiles bug when parsing file:// URLs including # as part of the
> URL
> - WW-5013 - Accessing static variable via OGNL returns nothing
> - WW-5022 - Struts 2.6 escaping behaviour change for s:a (anchor) tag
> - WW-5024 - HttpParameters.Builder can wrap objects in two layers of
> Parameters
> - WW-5025 - Binding Integer Array upon form submission
> - WW-5026 - Double-submit of TokenSessionStoreInterceptor broken since
> 2.5.16
> - WW-5027 - xerces tries to load resources from the internet
> - WW-5028 - Dispatcher prints stacktraces directly to the console
> - WW-5029 - The content allowed-methods tag of the XML configuration
> is sometimes truncated
> - WW-5030 - ClassNotFoundException - MockPortletResponse
> - WW-5031 - OGNL: An illegal reflective access operation has occurred
> - WW-5043 - trouble with Enum subclassing
> - WW-5054 - Debugging Interceptor debug=browser not working
> - WW-5058 - Invalid link in primer.html
> - WW-5059 - primer.html link to spring-security is broken
> - WW-5065 - AbstractMatcher adds values to the map passed into
> replaceParameters
> - WW-5072 - Minor bug in single file upload example of the Showcase
> application
> - WW-5074 - Multiple ASM jar conflict in 2.6 build
> - WW-5076 - struts2 redirecting to https to http
> - WW-5077 - Unable to set long pathname variables
> - WW-5079 - Could not find StrutsPrepareAndExecuteFilter sometime in WAS
> server
> - WW-5081 - Struts default textarea template fails w3c validation
> - WW-5082 - struts2 update from 2.1.6 to 2.3.37
> - WW-5086 - s:set with empty body
> - WW-5087 - AliasInterceptor doesn't properly handle Parameter.Empty
> - WW-5088 - Empty file upload gives wrong error message
> - WW-5091 - Switched hash and PGP links
> - WW-5093 - inconsistent scope for variables created with s:set and s:url
> - WW-5095 - Junit plugin does not push ACTION_MAPPING into the context
> resulting in NPE
> - WW-5096 - Struts2 StaticParametersInterceptor's
> addParametersToContext method is not working as expected.
> - WW-5100 - incorrect content-type behavior after upgrading to struts 2.5.*
> - WW-5102 - Download page issues
> - WW-5104 - Please delete old releases
> - WW-5106 - The call chains of ActionContext.getContext() in
> ServletActionContext are dangerious
> - WW-5107 - JQuery plugin does not handle dynamic component ids correctly
> - WW-5108 - No errors are reported locally. On linux environment,
> tomcat runs alone and reports
> java.lang.annotation.AnnotationTypeMismatchException
> - WW-5109 - Ognl issue after migrating from strut 2.3 to 2.5
> - WW-5116 - PostbackResult uses wrong regex range
> - WW-5117 - %{id} evaluates different for data-* and value attribute
> - WW-5119 - Blocking Threads in retrieving text from resource bundle
> - WW-5121 - Contention when injecting Scope.SINGLETON instances
> - WW-5123 - CheckboxTag value missing for labelposition
> - WW-5124 - Tag attribute values cached
> - WW-5125 - forbidden name attribute values (size, clone...?) in
> <s:textfield> using the default theme
> - WW-5129 - Dynamic Attributes are not working for doubleselect,
> optiontransferselect, inputtransferselect tags
> - WW-5130 - ID param not being set
> - WW-5140 - Cannot download struts from the main page
> - WW-5146 - Empty file upload ends in error
> - WW-5147 - OGNL valid expression is not cached and is parsed over
> again in some situations
> - WW-5160 - Template not found for name
> "Empty{name='templateDir'}/simple/hidden.ftl"
> - WW-5163 - Error executing FreeMarker template
> - WW-5169 - Key Technologies Primer: Broken link to ResourceBundles
>
> **New Feature**
>
> - WW-4598 - async Actions
> - WW-4760 - Switch to Servlet API 2.5
> - WW-4874 - Asynchronous action method
> - WW-5005 - Struts2 convention plugin lacks Java 11 support
> - WW-5049 - Move Velocity support into a dedicated plugin
> - WW-5083 - Fetch Metadata support
> - WW-5084 - Content Security Policy support
> - WW-5085 - Add Cross-Origin Opener Policy and Cross-Origin Embedder
> Policy Support
> - WW-5101 - AbstractLocalizedTextProvider illegal reflective access
> operation has occurred
>
> **Improvement**
>
> - WW-685 - Generic error message - Type Conversion Error Handling
> - WW-2040 - Struts 1 vs. Struts 2 benchmarking application
> - WW-2411 - Add a maxlength attribute to the textarea tag
> - WW-2537 - Fix generics in all codebase
> - WW-3788 - Convert ServletActionContext to be more as ActionContext
> - WW-3877 - Remove altSyntax option
> - WW-4043 - Duplicated class TestUtils
> - WW-4069 - Upgrade DWR plugin to use the latest available version
> - WW-4348 - Remove access to static methods
> - WW-4713 - Drop "searchValueStack" attribute from tag <s:text/>
> - WW-4763 - Drop deprecated logging layer
> - WW-4779 - Remove profiling layer
> - WW-4789 - ActionContext should be immutable
> - WW-4792 - Removes deprecated XWork constants
> - WW-4796 - Rename Spring related flags to use the same pattern
> - WW-4799 - make DateConverter configurable
> - WW-4875 - Java configuration
> - WW-4889 - Implement REST content handlers using Apache Juneau
> - WW-4910 - Align OptGroup with Select
> - WW-4915 - Replace deprecated commons-lang3 classes
> - WW-4927 - Use immutable version of OGNL without access to #context
> - WW-4929 - Fallback i18n Locale
> - WW-4932 - Conversion fails when generic type is an interface
> - WW-4937 - Add SortedSet field support to JSON plugin
> - WW-4938 - ObjectFactory should use Container to instantiate actions
> and inject dependencies
> - WW-4952 - Upgrade to apache-master version 21
> - WW-4963 - Implement new Aware interfaces that are using withXxxx
> pattern instead of setters
> - WW-4972 - Switch to latest freemarker version when defining
> incompatible_improvements
> - WW-4995 - Enhancement for s:set tag to improve tag body whitespace
> control.
> - WW-4996 - Refactor DefaultTypeConverterCreator to use
> ObjectFactory#buildConverter
> - WW-5000 - Replace string literals with proper constants in @Inject
> - WW-5001 - Allow to define converters in "struts-conversion.properties"
> file
> - WW-5003 - Use StrutsException instead of XWorkException
> - WW-5012 - Make a public state check the first acceptance check in
> SecurityMemberAccess
> - WW-5017 - Drop @Validation annotation as not needed
> - WW-5018 - Add maven enforce plugin to control certain environmental
> constraints
> - WW-5023 - Upgrade SLF4J to latest 1.7.x version
> - WW-5034 - Minor enhancement/fix to AbstractLocalizedTextProvider
> - WW-5035 - Provide mechanism to clear OgnlUtil caches
> - WW-5036 - update JFreeChart plugin for compatibility with JFreeChart 1.5
> - WW-5052 - Use TypeConversionException instead of StrutsException
> - WW-5056 - Standard Accepted Patterns in DefaultAcceptedPatternsChecker
> - WW-5057 - Cleanup and/or improvements to Showcase Applications
> - WW-5062 - Use downloads.a.o instead of archive
> - WW-5063 - Use null check of passed in invocation in all the results
> - WW-5064 - Move XWork Spring support into struts2-spring-plugin
> - WW-5069 - Improve build behaviour on JDK9+
> - WW-5070 - JSONResult default root object should be set explicitly,
> rather than from result of ValueStack.peek()
> - WW-5073 - Use TextParser in AbstractMatcher
> - WW-5078 - Remove support for <xwork> DTD
> - WW-5080 - Allow write directly to a response - define a new result
> - WW-5099 - Upgrade JFreeChart plugin to use version 1.5.1 of JFreeChart
> - WW-5112 - Add ability (control flag) for TextProviders to prioritize
> reads from the default resource bundlest.
> - WW-5113 - Drop deprecated constant "struts.xworkTextProvider"
> - WW-5114 - Drop deprecated constant "struts.localeProvider"
> - WW-5115 - Reduce logging for DMI excluded parameters
> - WW-5126 - inconsistancy between Model Driven and Model Driven
> Interceptor documentations
> - WW-5136 - Make class attribute deprecated
> - WW-5152 - Make OVal plugin deprecated
> - WW-5153 - Make Portlet, Portlet Mocks and Portlet Tiles plugins
> deprecated
> - WW-5154 - Make GXP plugin deprecated
> - WW-5155 - Make OSGi plugin deprecated
> - WW-5156 - Make Plexus plugin deprecated
> - WW-5157 - Make Sitemesh plugin deprecated
> - WW-5164 - Remove deprecated ConversionDescription class
> - WW-5168 - Fix missing submitUnchecked and broken disabled attributes
> in Javatemplates checkbox tag
> - WW-5175 - Add basic LocalDateTime support
> - WW-5179 - Set 'struts.ognl.expressionMaxLength' to 256 by default
> - WW-5181 - Stop supporting accessing static methods via OGNL expressions
> - WW-5182 - Upgrade to Servlet API 3.1
>
> **Task**
> - WW-4845 - run, test, and validate Struts2 with Java9
> - WW-4981 - Add support for Java 11
> - WW-4982 - Remove the deprecated JsonLibHandler and outdated json-lib
> dependency
> - WW-4983 - Set private access modifier for HttpParameters.toMap
> - WW-4998 - I18nInterceptor's default storage should store locale
> - WW-5010 - Switch to Java 8
> - WW-5016 - Support Java 8 date time in the date tag
> - WW-5020 - delete deprecated sitegraph plugin
> - WW-5021 - Serve static resources from different path
> - WW-5118 - OGNL long conversion
>
> **Dependency**
> - WW-4887 - Upgrade to Tiles 3.0.8
> - WW-4926 - Upgrade commons-beanutils to version 1.9.3
> - WW-4931 - Upgrade to Apache FreeMarker 2.3.28 version
> - WW-4947 - server errors generated by
> secure-jakarta-multipart-parser-plugin
> - WW-4955 - Upgrade to OGNL 3.2.6
> - WW-4956 - Upgrade to Log4j2 2.11.1
> - WW-4965 - Upgrade to OGNL 3.2.7
> - WW-4967 - Upgrade to Jackson 2.9.6
> - WW-4973 - Upgrade to OGNL 3.2.8
> - WW-4975 - Upgraded commons-fileupload to version 1.4
> - WW-4976 - Upgrade ASM to version 7.0
> - WW-4979 - Update multiple Struts 2.6.x libraries to more recent versions
> - WW-4980 - Update maven-wrapper to 3.5.4 and add maven-wrapper.jar to
> .gitignore
> - WW-4985 - Update persistence-api from 1.0 to 1.0.2 for CDI Plugin
> - WW-4988 - Upgrade DWR from 1.x to 2.x (for DWR plugin)
> - WW-4989 - Use JacksonXML handler instead of XStream as a default
> handler for XML in the REST plugin
> - WW-4992 - Mark the Embedded JSP plugin as depracted
> - WW-4993 - Update OGNL versions for 2.6 and 2.5.x builds
> - WW-5007 - Upgrade Jackson library to the latest version
> - WW-5019 - Upgrade Log4j to version 2.13.3
> - WW-5032 - Struts 2 Junit Plugin is not working with Zulu JDK11
> - WW-5033 - Update a few Struts 2.5.x libraries to more recent versions
> - WW-5037 - Upgrade commons-beanutils to version 1.9.4
> - WW-5038 - Upgrade jackson-databind to version 2.9.9.3
> - WW-5042 - Upgrade jackson-databind to version 2.10.0
> - WW-5045 - Update jasperreports to 6.10.0
> - WW-5047 - Upgrade Velocity to 2.1 and Velocity Tools to 3.0
> - WW-5048 - Update various dependencies to newest version
> - WW-5050 - Upgrade to OGNL 3.2.12
> - WW-5061 - CVEs in the library dependencies
> - WW-5068 - Update multiple Struts 2.6.x libraries / Maven build plugin
> versions
> - WW-5075 - Upgrade OSGi to the latest version
> - WW-5092 - ASM dependency update to 8.*
> - WW-5094 - Upgrade Spring Framework to version 4.3.29.RELEASE
> - WW-5097 - Upgrade to OGNL 3.2.16
> - WW-5098 - Upgrade ASM to version 9.0
> - WW-5103 - Upgrade XStream to version 1.4.14
> - WW-5120 - Upgrade Velocity Engine & Velocity Tools
> - WW-5122 - Upgrade XStream to version 1.4.16
> - WW-5131 - Upgrade commons-io to version 2.9
> - WW-5134 - Upgrade JasperReports to version 6.17.0
> - WW-5135 - Upgrade XStream to version 1.4.17
> - WW-5142 - Upgrade XStream to version 1.4.18
> - WW-5143 - Upgrade Oval library to ver. 3.2.1
> - WW-5144 - Mark OVal plugin as deprecated
> - WW-5148 - Upgrade ASM to version 9.2
> - WW-5151 - Bump to 2.15.0 to fix log4j vulnerability
> - WW-5158 - Upgrade Log4j to version 2.16.0 to address security
> vulnerability
> - WW-5161 - Update spring to 4.3.30
> - WW-5162 - Upgrade Log4j to version 2.17.1 to address security
> vulnerability
> - WW-5165 - Update spring to 5.3.x b/c 4.3.x is EOL
> - WW-5166 - Update OGNL to 3.3.2
> - WW-5167 - Upgrade XStream to version 1.4.19
> - WW-5171 - Upgrade Apache Log4j 2.17.2
> - WW-5172 - Upgrade freemarker to 2.3.31
> - WW-5174 - Upgrade Jackson-Core to version 2.13.2 and
> Jackson-Databind to 2.13.2.1
>
> Please read the Version Notes to find more details about performed bug
> fixes and improvements. Also, a dedicated migration guide has been
> prepared.
> https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.0.0
>
> https://cwiki.apache.org/confluence/display/WW/Struts+2.5+to+6.0.0+migration
>
> Apache Struts 2 is an elegant, extensible framework for creating
> enterprise-ready Java web applications.
> The framework has been designed to streamline the full development
> cycle, from building, to deploying,
> to maintaining applications over time.
>
> **All developers are strongly advised to perform this upgrade.**
>
> The 6.x series of the Apache Struts framework has a minimum
> requirement of the following specification versions:
> Servlet API 3.1, JSP API 2.1, and Java 8.
>
> Should any issues arise with your use of any version of the Struts
> framework, please post your comments to the user list,
> and, if appropriate, file a tracking ticket.
> https://issues.apache.org/jira/projects/WW/
>
> You can download this version from our download page.
> https://struts.apache.org/download.cgi#struts-ga
>
>
> Regards
> --
> Łukasz
> + 48 606 323 122 http://www.lenart.org.pl/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
> For additional commands, e-mail: user-h...@struts.apache.org
>
>
