You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from maven-jar-plugin's releases.

3.3.0

🚀 New features and improvements

• [MJAR-278] - Update plugin (requires Maven 3.2.5+) (#19) @​cstamas
• [MJAR-280] - Java 8 minimum (#29) @​olamy

🐛 Bug Fixes

• [MJAR-275] - Fix outputTimestamp not applied to module-info; breaks reproducible builds (#43) @​jorsol

📦 Dependency updates

• [MJAR-290] - Update Plexus Utils to 3.4.2 (#48) @​jorsol
• [MJAR-291] - Upgrade Parent to 37 (#50) @​jorsol
• Bump junit from 4.11 to 4.13.1 in /src/it/MJAR-228 (#39) @​dependabot
• Bump plexus-utils from 3.3.1 to 3.4.2 (#42) @​dependabot
• [MJAR-288] - Upgrade Parent to 36 (#40) @​slawekjaranowski

📝 Documentation updates

• Restore mavenArchiverVersion property used in the site (#51) @​jorsol
• (doc) Updated create-test-jar.apt.vm removing 'and' in Maven site Create Test JAR documentation (#34) @​focbenz

👻 Maintenance

• use shared action v3 (#49) @​olamy
• Code simplifications in AbstractMojo (#47) @​rhowe

• d68df4b [maven-release-plugin] prepare release maven-jar-plugin-3.3.0
• fb2299a Restore mavenArchiverVersion property used in the site
• 1204127 [MJAR-290] - Update Plexus Utils to 3.4.2
• 5fd2fc9 [MJAR-291] - Upgrade Parent to 37
• 56344da use shared action v3 (#49)
• 4148491 Code simplifications in AbstractMojo (#47)
• 46c017d [MJAR-275] - Fix outputTimestamp not applied to module-info; breaks reproduci...
• c02be20 [MJAR-278] Update plugin (requires Maven 3.2.5+) (#19)
• b6fe3eb Bump junit from 4.11 to 4.13.2 in /src/it/MJAR-228
• 78a28dd Ignore Maven Core updates
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from jetty-maven-plugin's releases.

10.0.12

Special Thanks to the following Eclipse Jetty community members

• @​MoonLord-LM (MoonLord-LM)
• @​keller-j (keller-j)
• @​mwgmnn (Michael Weigmann)
• @​cstamas (Tamas Cservenak)
• @​fanf (François Armand)

Changelog

• #8578 - getRequestURL can append "null" if getRequestURI is unspecified in an authority-form request-target
• #8554 - remove infinispan-remote from bom as it doesn't have to be here
• #8540 - Maven pom is not correct for org.eclipse.jetty/infinispan-embedded and org.eclipse.jetty/infinispan-remote (@​MoonLord-LM)
• #8532 - Review System.nanoTime() usages
• #8485 - add testing for KeystoreGenerator
• #8468 - define the resourceBase in well-known ContextHandler to allow alias checking
• #8433 - improve performance of alias checking
• #8353 - Automatic pongs should not be sent when connection is closed
• #8294 - java.lang.ClassCastException: class org.eclipse.jetty.http.HttpField cannot be cast to class org.eclipse.jetty.http.HttpCookie$SetCookieHttpField
• #8264 - Fix errors in Mapped pool and javadoc
• #8259 - Symlinks cause 404 with DefaultServlet when its "resourceBase" is different from ContextHandler's
• #8222 - Jetty start.jar fails with NullPointerException when referencing a non existent module and using JVM args
• #8216 - OpenID logout / more extensibible OpenIdConfiguration (@​keller-j)
• #8206 - Stopping server from within AbstractConnector#accept fails and results in a partially stopped QueuedThreadPool
• #8196 - Remove unused jetty-plus.xml file
• #8182 - Drop MAT (@​cstamas)
• #8171 - Combined ByteBufferPool
• #8170 - WebSockets closed abruptly when using HTTP/2
• #8152 - jetty.sh does not read JAVA_OPTIONS anymore (@​fanf)
• #8151 - JakartaWebSocketSession.close() blocks long time when called from SendHandlerCallback
• #8007 - Support Loom
• #8006 - Use getSchemaTableName also in the create table statement (@​mwgmnn)
• #7970 - Maven Plugin - the option to set extraClasspath in the plugin configuration isn't working

Dependencies

• #8503 - Bump apache.directory.api.version to 2.1.2
• #8383 - Bump asciidoctorj to 2.5.5
• #8387 - Bump avro to 1.11.1
• #8513 - Bump checkstyle to 10.3.3
• #8507 - Bump error_prone_annotations to 2.15.0
• #8367 - Bump exec-maven-plugin to 3.1.0
• #8515 - Bump flatten-maven-plugin to 1.3.0
• #8237 - Bump google-cloud-datastore to 2.9.1
• #8505 - Bump grpc-core to 1.49.0
• #8373 - Bump gson to 2.9.1
• #8363 - Bump h2spec-maven-plugin to 1.0.10
• #8561 - Bump hawtio-default to 2.15.1

... (truncated)

• 408d013 Updating to version 10.0.12
• 2a49f86 Merge pull request #8580 from eclipse/fix/jetty-10.0.x-proxy-rewrite-null-uri
• 8eba1c9 Issue #8578 - Changes from review
• a6a386a Issue #8578 - restore backward compat of getRequestURL and getRequestURI when...
• 3df45b9 Merge pull request #8569 from eclipse/dependabot/maven/jetty-10.0.x/com.faste...
• 2b2889c Merge pull request #8566 from eclipse/dependabot/maven/jetty-10.0.x/org.codeh...
• 3c00404 Bump jackson-databind from 2.13.3 to 2.13.4
• 6445aff Merge pull request #8572 from eclipse/dependabot/maven/jetty-10.0.x/com.faste...
• dfa1e20 Merge pull request #8568 from eclipse/dependabot/maven/jetty-10.0.x/org.eclip...
• 6904b4e Bump jackson-core from 2.13.3 to 2.13.4
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from maven-javadoc-plugin's releases.

3.4.1

• [MJAVADOC-723] - Upgrade Maven Reporting API to 3.1.1/Complete with Maven Reporting Impl 3.2.0 (#158) @​pzygielo
• Skip Java 9-14 in reproducible test (#155) @​jorsol
• Add Integration Test for reproducible builds (#152) @​jorsol
• [MJAVADOC-719] - Update Maven Archiver to 3.6.0 (#150) @​jorsol

📦 Dependency updates

• Bump assertj-core from 3.21.0 to 3.23.1 (#143) @​dependabot
• Bump spring-webmvc from 4.3.29.RELEASE to 5.2.21.RELEASE in /src/it/projects/MJAVADOC-434_fixcompile (#135) @​dependabot
• Bump mockito-core from 4.1.0 to 4.4.0 (#133) @​dependabot

• a5db96e [maven-release-plugin] prepare release maven-javadoc-plugin-3.4.1
• a10f0b1 [MJAVADOC-723] Upgrade Maven Reporting API to 3.1.1/Complete with Maven Repor...
• c19dba2 Skip Java 9-14 in reproducible test
• 26d84b2 Add notimestamp for reproducible builds test
• 92ce668 Ignore Maven Core updates
• bacc078 Add Integration Test for reproducible builds
• 497f80f [MJAVADOC-719] - Update Maven Archiver to 3.6.0
• 34b501d Bump assertj-core from 3.21.0 to 3.23.1
• b928970 Bump spring-webmvc in /src/it/projects/MJAVADOC-434_fixcompile
• 4306c92 Bump mockito-core from 4.1.0 to 4.4.0
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from jetty-maven-plugin's releases.

11.0.4

Special Thanks to the following Eclipse Jetty community members

• @​tjwatson (Thomas Watson)

Changelog

• #6354 - org.slfj dependency imports packages at 2.0 (@​tjwatson)
• #6347 - session-store-gcloud module broken logging dependency
• #6330 - CustomRequestLog is missing HTTP version format option
• #6305 - Optimise ContextHandler.isProtectedTarget
• #6285 - HTTP2 client: IllegalStateException: Cannot release an already released entry
• #6276 - Support non-standard domains in SNI and X509
• #6268 - Warnings about "unable to parse form content" are not helpful for troubleshooting
• #6118 - Display a warning when Hazelcast configuration does not contain Jetty session serializer
• #6114 - Jetty Deploy scan / symlink behavior is broken
• #6112 - Jetty logging service file leaking to web applications

11.0.3

Changelog

• This release resolves CVE-2021-28169
• #3764 DeprecationWarning Decorator
• #5684 Review disabled tests
• #5798 jetty-runner startup error with jetty-10
• #5817 Provide more filtering for CustomRequestLog
• #6049 Default provider [files] section always executed
• #6084 GzipHandler: NPE in setDeflaterPoolCapacity and setInflaterPoolCapacity
• #6098 jetty-cdi is missing from jetty-bom
• #6099 Cipher preference may break SNI if certificates have different key types
• #6105 HttpConnection.getBytesIn() incorrect for requests with chunked content
• #6106 WebSocket/CDI integration is broken in Jetty 10
• #6125 Do not allow override of jakarta.* container classes by webapps per Servlet 5.0 Section 15.2.1
• #6132 Ambiguous segment in URI in DELETE /a/projects/foo/branches/refs%2Fheads%2Ftest request after upgrade from 10.0.0 to 10.0.2
• #6153 jetty-maven-plugin does not correctly pass JVM arguments for external deployMode
• #6159 Jetty with Conscrypt unable to handle any HTTPS requests when connected by IP rather than hostname.
• #6166 WebSocket MessageInputStream.read() spends a lot of time in ByteBuffer.compact()
• #6205 OpenIdAuthenticator may use incorrect redirect
• #6208 HTTP/2 max local stream count exceeded
• #6224 make jetty-jspc-maven-plugin @threadsafe
• #6227 Better resolve race between AsyncListener.onTimeout and AsyncContext.dispatch
• #6238 jetty-keystore Invalid manifest header Bundle-SymbolicName: ""
• #6250 Lazily allocate HTTP2Stream data queue
• #6251 Use CyclicTimeout for HTTP2Streams
• #6254 Total timeout not enforced for queued requests
• #6263 Review URI encoding in ConcatServlet & WelcomeFilter
• #6277 Better handle exceptions thrown from session destroy listener
• #6280 Copy ServletHolder class/instance properly during startWebapp
• #6287 Class loading broken for WebSocketClient used inside webapp

... (truncated)

• 5bcdeb5 Updating to version 11.0.4
• d96588e Merged branch 'jetty-10.0.x' into 'jetty-11.0.x'.
• 3a8af44 Fixes #6330 - CustomRequestLog is missing HTTP version format option. (#6362)
• c11c8bb Merged branch 'jetty-10.0.x' into 'jetty-11.0.x'.
• e3faf81 Fix #6114 Deploy symlink webapps (#6317)
• de37267 Issue #6327 Fix cookie leak test (#6344)
• 9cc7517 Issue #6330 - Improve javadoc for CustomRequestLog %H
• f50c4fd Issue #6327 Remove an invalid RequestTest
• eee4a1a Merged branch 'jetty-10.0.x' into 'jetty-11.0.x'.
• 21aba4a Fixes #6323 - HttpClient requests with redirects gets stuck/never calls onCom...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from jetty-maven-plugin's releases.

10.0.13

Special Thanks to the following Eclipse Jetty community members

• @​janvojt (Jan Vojt)
• @​joschi (Jochen Schalanda)
• @​leonchen83 (Baoyi Chen)
• @​cowwoc (Gili Tzabari)
• @​Vlatombe (Vincent Latombe)

Changelog

• #9006 - WebSocket Message InputStream read() returns signed byte
• #8913 - Review Jetty XML syntax to allow calling JDK methods
• #8905 - GzipHandler fails to set Vary header on 304 responses
• #8900 - Improved documentation about virtual threads.
• #8897 - Update Conditional request handling for RFC7232
• #8895 - Generate downloadable version of javadocs documentation in website deploy script
• #8863 - Provide a possibility to name virtual threads
• #8810 - ArrayRetainableByteBufferPool inefficiently calculates bucket indices
• #8786 - KeyStoreScanner is not able to monitor a symlink file and always resolves to the target.
• #8779 - CompactPathRule drops query section on use
• #8770 - Review whether to send request body in redirects
• #8753 - Starting HttpClient with destinationIdleTimeout set throws NPE. (@​janvojt)
• #8750 - AbstractProxyServlet.onServerResponseHeaders does not support headers with empty values
• #8743 - Add log.isDebugEnabled() to reduce string allocation (@​leonchen83)
• #8721 - jetty:effective-web-xml doesn't generate quickstart information for web fragment jars that contain META-INF/resources
• #8716 - Multiple Host header values handled poorly
• #8712 - ELContextCleaner no longer needed.
• #8688 - Fix traversal bug on extraction of bad jar/zip files during jetty-start
• #8682 - expand jetty properties when generating dry-run command line
• #8678 - Jetty client is not responding to GO_AWAY packet received from (Jetty) Server and continue to send traffic on same connection
• #8628 - Pseudo restore PathMappings.getMatch(String) for backwards compat reasons
• #8623 - Use AutoLock in InputStreamResponseListener
• #8600 - Allow to pass instances of ClientConfig and Config to Hazelcast data store factory (@​Vlatombe)
• #8591 - Indicate units of HttpClient properties (@​cowwoc)
• #8558 - Idle timeout occured sometimes on HTTP/2 client with InputStreamResponseListener
• #8536 - HotSwapHandler race condition
• #8473 - add getter for the WebSocketUpgradeHandler configuration
• #8460 - Log or throw exception if DefaultSessionIdManager is used but has not been started.
• #8330 - Persistent OpenId sessions can throw IllegalStateException
• #7993 - HttpClient idleTimeout configuration being ignored/overridden
• #7286 - WebSocket write can time out even if the frame / callback has not been failed.
• #7117 - Timeout with Expect 100 continue when using ProxyServlet

Dependencies

• #8794 - Bump asm.version to 9.4
• #8799 - Bump commons-compress to 1.22
• #8656 - Bump google-cloud-datastore to 2.11.4

... (truncated)

• 1c2636e Updating to version 10.0.13
• 355eebe Update tycho-p2 from 2.7.5 to 3.0.1
• 7e1de8b Issue #8973 - Rework KeyStoreScanner handling for symlink related changes (#9...
• 2538a91 Fixes flaky FCGI test HttpClientTest.testPOSTWithContentTracksProgress().
• 3d3c954 Fixing OSGi bundle + tycho-p2 build failures (#9017)
• e923123 Merge pull request #9011 from eclipse/fix/jetty-10-9009-flaky-StreamCloseTest
• 5b20fcc Merge pull request #9010 from eclipse/fix/jetty-10-websocket-inputstream-read
• 486b51e Merge pull request #9008 from eclipse/fix/jetty-10-9005-flaky-ConnectionPoolTest
• 7c75768 Fixes #9009 - Flaky test StreamCloseTest.testRequestDataClosedResponseDataClo...
• a546027 Fixes #9006 - WebSocket MessageInputStream.read() returns signed byte
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)