[jira] [Commented] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828433#comment-17828433 ] Remo Liechti commented on SLING-12269: -- not so sure, if somebody was actually having an inputfield on a UI where the user could enter some numbers, and was checking for NumberFormatException in order to present a proper error message to the user, this could be broken. > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (SLING-10156) Create access control entries for unknown principals
[ https://issues.apache.org/jira/browse/SLING-10156?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Angela Schreiber resolved SLING-10156. -- Resolution: Duplicate this has been addressed by SLING-12115. thanks [~jsedding] :) > Create access control entries for unknown principals > > > Key: SLING-10156 > URL: https://issues.apache.org/jira/browse/SLING-10156 > Project: Sling > Issue Type: Bug > Components: Repoinit >Reporter: Angela Schreiber >Priority: Major > > [~bdelacretaz], today the JCR repo-init implementation limits creation of > access control content to principals known to the repository (see also > SLING-10134 for a related ticket wrt to removing access control entries): > {code} > // first try PrincipalManager.getPrincipal(String) > Principal principal = AccessControlUtils.getPrincipal(session, name); > if (principal == null) { > // backwards compatibility: fallback to original code > treating principal name as authorizable ID (see SLING-8604) > final Authorizable authorizable = > UserUtil.getAuthorizable(session, name); > checkState(authorizable != null, "Authorizable not found:" + > name); > principal = authorizable.getPrincipal(); > } > checkState(principal != null, "Principal not found: " + name); // > <- here it fails if principal does not exist > {code} > While JCR access control API mandates that a principal must be known to the > repository, it is possible both with Apache Jackrabbit 2.x and in Apache > Jackrabbit Oak to relax that contract (see ImportBehavior.BESTEFFORT [0]). > The main reason for this is the fact that principals may only be installed at > a later stage and packaging them together with (resource-based) access > control isn't always feasible/desirable (see for example Jackrabbit vault > [1]). > In other words: repo-init should delegate the principal validation step (and > whether or not the strict JCR contract is enforced) to the repository itself. > In Sling RepoInit this is relevant under the following circumstances: > - cleaning up access control content when the principal no longer exists (see > SLING-10134) > - setting up access control content in the initial repository initialization, > while principals are not yet available (maybe installed later with content > packages). this becomes increasingly relevant with a composite NodeStore > setup, where certain trees of the repository are marked as immutable and thus > might be initialized independently of the mutable stores (that e.g. would > include the group nodes). > NOTE: delegating the principal validation step to the repository, may also > require the principal-equality test in > https://github.com/apache/sling-org-apache-sling-jcr-repoinit/blob/master/src/main/java/org/apache/sling/jcr/repoinit/impl/AclUtil.java#L399 > to be adjusted (e.g. reducing to comparing names as it is done in [2]) > [~karlpauls], [~cziegeler], fyi > [0] > http://jackrabbit.apache.org/oak/docs/security/accesscontrol/default.html#xml_import > [1] > https://github.com/apache/jackrabbit-filevault/blob/f785fcb24d4cbd01c734e9273310a925c29ae15b/vault-core/src/main/java/org/apache/jackrabbit/vault/fs/impl/io/JackrabbitACLImporter.java > [2] > https://github.com/apache/jackrabbit-filevault/blob/f785fcb24d4cbd01c734e9273310a925c29ae15b/vault-core/src/main/java/org/apache/jackrabbit/vault/fs/impl/io/JackrabbitACLImporter.java#L290 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828427#comment-17828427 ] Remo Liechti edited comment on SLING-12269 at 3/19/24 4:05 PM: --- I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {code:java} public long getLong(String key) throws JSONException{ Object o = get(key); return o instanceof Number ? ((Number)o).longValue() : Long.valueOf((String)o).longValue(); }{code} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {code:java} public long getLong(String key) throws JSONException { final Object object = this.get(key); if (object instanceof Number){ return ((Number) object).longValue(); } try{ return Long.parseLong(object.toString()); }catch (Exception e){ throw wrongValueFormatException(key, "long", object, e); } }{code} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException was (Author: JIRAUSER304615): I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {{public long getLong(String key) throws JSONException{}} {{ Object o = get(key);}} {{ return o instanceof Number ?}} {{ ((Number)o).longValue() : Long.valueOf((String)o).longValue();}} {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* public long getLong(String key) throws JSONException { }}{{ final Object object = this.get(key); }}{{ if (object instanceof Number){ {{ return ((Number) object).longValue();}} {{ }}} try{ {{ return Long.parseLong(object.toString());}} }catch (Exception e){ {{ throw wrongValueFormatException(key, "long", object, e);}} {{ }}} {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828427#comment-17828427 ] Remo Liechti edited comment on SLING-12269 at 3/19/24 4:03 PM: --- I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {{public long getLong(String key) throws JSONException{}} {{ Object o = get(key);}} {{ return o instanceof Number ?}} {{ ((Number)o).longValue() : Long.valueOf((String)o).longValue();}} {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* public long getLong(String key) throws JSONException { }}{{ final Object object = this.get(key); }}{{ if (object instanceof Number){ {{ return ((Number) object).longValue();}} {{ }}} try{ {{ return Long.parseLong(object.toString());}} }catch (Exception e){ {{ throw wrongValueFormatException(key, "long", object, e);}} {{ }}} {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException was (Author: JIRAUSER304615): I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {{public long getLong(String key) throws JSONException{}} {{ Object o = get(key);}} {{ return o instanceof Number ?}} {{ ((Number)o).longValue() : Long.valueOf((String)o).longValue();}} {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {{public long getLong(String key) throws JSONException {}} {{ final Object object = this.get(key);}} {{{} if (object instanceof Number){}}}}}{ {}}} return ((Number) object).longValue(); {{{} try{}}}{ return Long.parseLong(object.toString()); {{{} }{{{{{}catch (Exception e){}}}}}{{}}} throw wrongValueFormatException(key, "long", object, e); {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828427#comment-17828427 ] Remo Liechti edited comment on SLING-12269 at 3/19/24 4:01 PM: --- I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {{public long getLong(String key) throws JSONException{}} {{ Object o = get(key);}} {{ return o instanceof Number ?}} {{ ((Number)o).longValue() : Long.valueOf((String)o).longValue();}} {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {{public long getLong(String key) throws JSONException {}} {{ final Object object = this.get(key);}} {{{} if (object instanceof Number){}}}}}{ {}}} return ((Number) object).longValue(); {{{} try{}}}{ return Long.parseLong(object.toString()); {{{} }{{{{{}catch (Exception e){}}}}}{{}}} throw wrongValueFormatException(key, "long", object, e); {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException was (Author: JIRAUSER304615): I think the behaviour is changed for all methods. I.e. for getLong: *Old:* public long getLong(String key) throws JSONException{ }} Object o = get(key);}} return o instanceof Number ?}} }} {{ ((Number)o).longValue() : Long.valueOf((String)o).longValue();}} {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {{public long getLong(String key) throws JSONException {}} {{ final Object object = this.get(key);}} {{{} if (object instanceof Number){}}}}}{ {}}} return ((Number) object).longValue(); {{{} try{}}}{ return Long.parseLong(object.toString()); {{{} }{{{{{}catch (Exception e){}}}}}{{}}} throw wrongValueFormatException(key, "long", object, e); {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828427#comment-17828427 ] Remo Liechti edited comment on SLING-12269 at 3/19/24 4:01 PM: --- I think the behaviour is changed for all methods. I.e. for getLong: *Old:* public long getLong(String key) throws JSONException{ }} Object o = get(key);}} return o instanceof Number ?}} }} {{ ((Number)o).longValue() : Long.valueOf((String)o).longValue();}} {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {{public long getLong(String key) throws JSONException {}} {{ final Object object = this.get(key);}} {{{} if (object instanceof Number){}}}}}{ {}}} return ((Number) object).longValue(); {{{} try{}}}{ return Long.parseLong(object.toString()); {{{} }{{{{{}catch (Exception e){}}}}}{{}}} throw wrongValueFormatException(key, "long", object, e); {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException was (Author: JIRAUSER304615): I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {{{}public long getLong(String key) throws JSONException{}}}{{{}{{}}} Object o = get(key); {{ return o instanceof Number ? }} ((Number)o).longValue() : Long.valueOf((String)o).longValue(); {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {{public long getLong(String key) throws JSONException {}} {{ final Object object = this.get(key);}} {{{} if (object instanceof Number){}}}{{{}{ {}}} return ((Number) object).longValue(); {{{} try{}}}{ return Long.parseLong(object.toString()); {{{} }{}}}{{{}catch (Exception e){}}}{{{}{{}}} throw wrongValueFormatException(key, "long", object, e); {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828429#comment-17828429 ] Robert Munteanu commented on SLING-12269: - Right, in this case the new version is more lenient and uses {{toString()}} instead of conditionally downcasting. That is a behaviour change indeed, but I am personally not very concerned about that as it will not break consumers relying on the old behaviour. > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828427#comment-17828427 ] Remo Liechti edited comment on SLING-12269 at 3/19/24 4:00 PM: --- I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {{{}public long getLong(String key) throws JSONException{}}}{{{}{{}}} Object o = get(key); {{ return o instanceof Number ? }} ((Number)o).longValue() : Long.valueOf((String)o).longValue(); {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {{public long getLong(String key) throws JSONException {}} {{ final Object object = this.get(key);}} {{{} if (object instanceof Number){}}}{{{}{ {}}} return ((Number) object).longValue(); {{{} try{}}}{ return Long.parseLong(object.toString()); {{{} }{}}}{{{}catch (Exception e){}}}{{{}{{}}} throw wrongValueFormatException(key, "long", object, e); {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException was (Author: JIRAUSER304615): I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {{{}public long getLong(String key) throws JSONException{}}}}}{{}}} Object o = get(key); {{ return o instanceof Number ? }} ((Number)o).longValue() : Long.valueOf((String)o).longValue(); {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {{public long getLong(String key) throws JSONException {}} {{ final Object object = this.get(key);}} {{{} if (object instanceof Number){}}}}}{ {}}} return ((Number) object).longValue(); {{{} try{}}}{ return Long.parseLong(object.toString()); {{{} }{}}}{{{}catch (Exception e){}}}{{{}{{}}} throw wrongValueFormatException(key, "long", object, e); {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828427#comment-17828427 ] Remo Liechti edited comment on SLING-12269 at 3/19/24 3:59 PM: --- I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {{{}public long getLong(String key) throws JSONException{}}}}}{{}}} Object o = get(key); {{ return o instanceof Number ? }} ((Number)o).longValue() : Long.valueOf((String)o).longValue(); {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {{public long getLong(String key) throws JSONException {}} {{ final Object object = this.get(key);}} {{{} if (object instanceof Number){}}}}}{ {}}} return ((Number) object).longValue(); {{{} try{}}}{ return Long.parseLong(object.toString()); {{{} }{}}}{{{}catch (Exception e){}}}{{{}{{}}} throw wrongValueFormatException(key, "long", object, e); {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException was (Author: JIRAUSER304615): I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {{{}public long getLong(String key) throws JSONException{}}}}}{ {{ Object o = get(key); {{ return o instanceof Number ? }} ((Number)o).longValue() : Long.valueOf((String)o).longValue(); {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {{public long getLong(String key) throws JSONException {}} {{ final Object object = this.get(key);}} {{{} if (object instanceof Number){}}}}}{ {}}} return ((Number) object).longValue(); {{{} try{}}}}}{ {{ return Long.parseLong(object.toString()); {{{} }{}}}{{{}catch (Exception e){}}}}}{ {}}} throw wrongValueFormatException(key, "long", object, e); {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828427#comment-17828427 ] Remo Liechti edited comment on SLING-12269 at 3/19/24 3:59 PM: --- I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {{{}public long getLong(String key) throws JSONException{}}}}}{ {{ Object o = get(key); {{ return o instanceof Number ? }} ((Number)o).longValue() : Long.valueOf((String)o).longValue(); {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {{public long getLong(String key) throws JSONException {}} {{ final Object object = this.get(key);}} {{{} if (object instanceof Number){}}}}}{ {}}} return ((Number) object).longValue(); {{{} try{}}}}}{ {{ return Long.parseLong(object.toString()); {{{} }{}}}{{{}catch (Exception e){}}}}}{ {}}} throw wrongValueFormatException(key, "long", object, e); {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException was (Author: JIRAUSER304615): I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {{{}public long getLong(String key) throws JSONException{}}}{{{}{ {}}} {{ Object o = get(key); }} {{ return o instanceof Number ? }} {{ ((Number)o).longValue() : }} {{ Long.valueOf((String)o).longValue(); }} {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {{public long getLong(String key) throws JSONException {}} {{ final Object object = this.get(key);}} {{{} if (object instanceof Number){}}}{{{}{ {}}} {{ return ((Number) object).longValue(); }} {{ }}}{{ }} {{{} try{}}}{{{}{ {}}} {{ return Long.parseLong(object.toString()); }} {{{} }{}}}{{{}catch (Exception e){}}}{{{}{ {}}} {{ throw wrongValueFormatException(key, "long", object, e); }}}{{ }} {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828427#comment-17828427 ] Remo Liechti edited comment on SLING-12269 at 3/19/24 3:58 PM: --- I think the behaviour is changed for all methods. I.e. for getLong: *Old:* {{{}public long getLong(String key) throws JSONException{}}}{{{}{ {}}} {{ Object o = get(key); }} {{ return o instanceof Number ? }} {{ ((Number)o).longValue() : }} {{ Long.valueOf((String)o).longValue(); }} {{}}} +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* {{public long getLong(String key) throws JSONException {}} {{ final Object object = this.get(key);}} {{{} if (object instanceof Number){}}}{{{}{ {}}} {{ return ((Number) object).longValue(); }} {{ }}}{{ }} {{{} try{}}}{{{}{ {}}} {{ return Long.parseLong(object.toString()); }} {{{} }{}}}{{{}catch (Exception e){}}}{{{}{ {}}} {{ throw wrongValueFormatException(key, "long", object, e); }}}{{ }} {{}}} +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException was (Author: JIRAUSER304615): I think the behaviour is changed for all methods. I.e. for getLong: *Old:* public long getLong(String key) throws JSONException { Object o = get(key); return o instanceof Number ? ((Number)o).longValue() : Long.valueOf((String)o).longValue(); } +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* public long getLong(String key) throws JSONException { final Object object = this.get(key); if (object instanceof Number) { return ((Number) object).longValue(); } try { return Long.parseLong(object.toString()); } catch (Exception e) { throw wrongValueFormatException(key, "long", object, e); } } +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828428#comment-17828428 ] Remo Liechti commented on SLING-12269: -- Similar Story for JSONArray and maybe more classes, to be checked. > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828427#comment-17828427 ] Remo Liechti commented on SLING-12269: -- I think the behaviour is changed for all methods. I.e. for getLong: *Old:* public long getLong(String key) throws JSONException { Object o = get(key); return o instanceof Number ? ((Number)o).longValue() : Long.valueOf((String)o).longValue(); } +Cases+ # Object o is Number: returns long # Object o is String of format Long: returns long # Object o is String with invalid format: throws a NumberFormatException # Object o is no String: throws ClassCastException *New:* public long getLong(String key) throws JSONException { final Object object = this.get(key); if (object instanceof Number) { return ((Number) object).longValue(); } try { return Long.parseLong(object.toString()); } catch (Exception e) { throw wrongValueFormatException(key, "long", object, e); } } +Cases+ # Object o is Number: returns long # Object o is any type, does toString() with valid format: returns long # Object o is any type, does toString() with invalid format: throws a JsonException # throws no more ClassCastException nor NumberFormatException > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu updated SLING-12269: Component/s: Commons > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828419#comment-17828419 ] Robert Munteanu commented on SLING-12269: - Thanks for the report [~rliechti]. I would like to understand what methods are affected, so here's a comparison table: ||Method||Version 2.0.20|| Version 2.0.22|| Change? || |JSONObject.getString| https://github.com/apache/sling-org-apache-sling-commons-json/blob/43d3030dbb967232d129ed19f79d0b89b82f4965/src/main/java/org/apache/sling/commons/json/JSONObject.java#L487-L489| https://github.com/apache/sling-org-apache-sling-commons-json/blob/7a15fe774b6892c770af4d7ad12aa1d1bd7f976c/src/main/java/org/apache/sling/commons/json/JSONObject.java#L913-L919 | (!) Yes, 2.0.22 fails if value is not string | | JSONObject.getBoolean | https://github.com/apache/sling-org-apache-sling-commons-json/blob/43d3030dbb967232d129ed19f79d0b89b82f4965/src/main/java/org/apache/sling/commons/json/JSONObject.java#L375-L388 | https://github.com/apache/sling-org-apache-sling-commons-json/blob/7a15fe774b6892c770af4d7ad12aa1d1bd7f976c/src/main/java/org/apache/sling/commons/json/JSONObject.java#L663-L675 | No, both versions need either "true" or "false", case insensitive | | JSonObject.getDouble | https://github.com/apache/sling-org-apache-sling-commons-json/blob/43d3030dbb967232d129ed19f79d0b89b82f4965/src/main/java/org/apache/sling/commons/json/JSONObject.java#L398-L408 | https://github.com/apache/sling-org-apache-sling-commons-json/blob/43d3030dbb967232d129ed19f79d0b89b82f4965/src/main/java/org/apache/sling/commons/json/JSONObject.java#L398-L408 | No, both versions check for {{Number}} and try to parse if needed | | JSonObject.getInt | https://github.com/apache/sling-org-apache-sling-commons-json/blob/43d3030dbb967232d129ed19f79d0b89b82f4965/src/main/java/org/apache/sling/commons/json/JSONObject.java#L420-L424 | https://github.com/apache/sling-org-apache-sling-commons-json/blob/7a15fe774b6892c770af4d7ad12aa1d1bd7f976c/src/main/java/org/apache/sling/commons/json/JSONObject.java#L795-L805 | No, both versions check for {{Number}} and try to parse if needed | | JSONObject.getJSONArray | https://github.com/apache/sling-org-apache-sling-commons-json/blob/43d3030dbb967232d129ed19f79d0b89b82f4965/src/main/java/org/apache/sling/commons/json/JSONObject.java#L435-L442 | https://github.com/apache/sling-org-apache-sling-commons-json/blob/7a15fe774b6892c770af4d7ad12aa1d1bd7f976c/src/main/java/org/apache/sling/commons/json/JSONObject.java#L817-L823 | No, both versions throw exceptions if the instanceof check fails | | JSONObject.getJSONObject | https://github.com/apache/sling-org-apache-sling-commons-json/blob/43d3030dbb967232d129ed19f79d0b89b82f4965/src/main/java/org/apache/sling/commons/json/JSONObject.java#L453-L460 | https://github.com/apache/sling-org-apache-sling-commons-json/blob/7a15fe774b6892c770af4d7ad12aa1d1bd7f976c/src/main/java/org/apache/sling/commons/json/JSONObject.java#L835-L841 | No, both versions throw exceptions if the instanceof check fails | | JSONObject.getLong | https://github.com/apache/sling-org-apache-sling-commons-json/blob/43d3030dbb967232d129ed19f79d0b89b82f4965/src/main/java/org/apache/sling/commons/json/JSONObject.java#L472-L477 | https://github.com/apache/sling-org-apache-sling-commons-json/blob/7a15fe774b6892c770af4d7ad12aa1d1bd7f976c/src/main/java/org/apache/sling/commons/json/JSONObject.java#L854-L864 | No, both versions check for {{Number}} and try to parse if needed | It looks to me like {{getString}} is the only problematic change. Do you see anything else? > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Remo Liechti updated SLING-12269: - Description: With the new internal release 2.0.22, there seems to be a different behaviour when it comes to get values from JSONObject. The new version checks for types and throws an exception, as of the old version simply called toString() on any object found. *Old:* {{public String getString(String key) throws JSONException {}} {{ return get(key).toString();}} {{}}} *New:* {{public String getString(String key) throws JSONException {}} {{ Objectobject=this.get(key);}} {{ if (objectinstanceofString) {}} {{ return (String) object;}} } {{ throwwrongValueFormatException(key, "string", object, null);}} {{}}} Same is true for all other types, such as getInt, getLong etc. There might be more such small differences in behaviour. was: With the new internal release 2.0.22, there seems to be a different behaviour when it comes to get values from JSONObject. The new version checks for types and throws an exception, as of the old version simply called toString() on any object found. *Old:* {{public String getString(String key) throws JSONException {}} {{ return get(key).toString();}} {{}}} *New:* {{public String getString(String key) throws JSONException {}} {{ Objectobject=this.get(key);}} {{ if (objectinstanceofString) {}} {{ return (String) object;}} } {{ throwwrongValueFormatException(key, "string", object, null);}} {{}}} {{Same is true for all other types, such as getInt, getLong etc.}} {{There might be more such small differences in behaviour.}} > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > Same is true for all other types, such as getInt, getLong etc. > There might be more such small differences in behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (SLING-12269) Changed behaviour in commons json when used as a dependency
[ https://issues.apache.org/jira/browse/SLING-12269?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Remo Liechti updated SLING-12269: - Description: With the new internal release 2.0.22, there seems to be a different behaviour when it comes to get values from JSONObject. The new version checks for types and throws an exception, as of the old version simply called toString() on any object found. *Old:* {{public String getString(String key) throws JSONException {}} {{ return get(key).toString();}} {{}}} *New:* {{public String getString(String key) throws JSONException {}} {{ Objectobject=this.get(key);}} {{ if (objectinstanceofString) {}} {{ return (String) object;}} } {{ throwwrongValueFormatException(key, "string", object, null);}} {{}}} {{Same is true for all other types, such as getInt, getLong etc.}} {{There might be more such small differences in behaviour.}} was: With the new internal release 2.0.22, there seems to be a different behaviour when it comes to get values from JSONObject. The new version checks for types and throws an exception, as of the old version simply called toString() on any object found. *Old:* {{public String getString(String key) throws JSONException {}} {{ return get(key).toString();}} {{}}} *New:* {{public String getString(String key) throws JSONException {}} {{ Objectobject=this.get(key);}} {{ if (objectinstanceofString) {}} {{ return (String) object;}} {{ }}} {{ throwwrongValueFormatException(key, "string", object, null);}} {{}}} {{Same is true for all other types, such as getInt, getLong etc.}} {{There might be more such small differences in behaviour.}} > Changed behaviour in commons json when used as a dependency > --- > > Key: SLING-12269 > URL: https://issues.apache.org/jira/browse/SLING-12269 > Project: Sling > Issue Type: Bug >Reporter: Remo Liechti >Priority: Blocker > > With the new internal release 2.0.22, there seems to be a different behaviour > when it comes to get values from JSONObject. > The new version checks for types and throws an exception, as of the old > version simply called toString() on any object found. > *Old:* > {{public String getString(String key) throws JSONException {}} > {{ return get(key).toString();}} > {{}}} > *New:* > {{public String getString(String key) throws JSONException {}} > {{ Objectobject=this.get(key);}} > {{ if (objectinstanceofString) {}} > {{ return (String) object;}} > } > {{ throwwrongValueFormatException(key, "string", object, null);}} > {{}}} > > {{Same is true for all other types, such as getInt, getLong etc.}} > {{There might be more such small differences in behaviour.}} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SLING-12269) Changed behaviour in commons json when used as a dependency
Remo Liechti created SLING-12269: Summary: Changed behaviour in commons json when used as a dependency Key: SLING-12269 URL: https://issues.apache.org/jira/browse/SLING-12269 Project: Sling Issue Type: Bug Reporter: Remo Liechti With the new internal release 2.0.22, there seems to be a different behaviour when it comes to get values from JSONObject. The new version checks for types and throws an exception, as of the old version simply called toString() on any object found. *Old:* {{public String getString(String key) throws JSONException {}} {{ return get(key).toString();}} {{}}} *New:* {{public String getString(String key) throws JSONException {}} {{ Objectobject=this.get(key);}} {{ if (objectinstanceofString) {}} {{ return (String) object;}} {{ }}} {{ throwwrongValueFormatException(key, "string", object, null);}} {{}}} {{Same is true for all other types, such as getInt, getLong etc.}} {{There might be more such small differences in behaviour.}} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[VOTE] Release Apache Sling Commons JSON version 2.0.22
Hi, Time to cut a release of the (still deprecated) commons.json module. We only include the already-known CVE fix, cut from the maintenance branch. We solved 1 issues in this release: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310710= 12354425=Text Staging repository: https://repository.apache.org/content/repositories/orgapachesling-2842 You can use this UNIX script to download the release and verify the signatures: https://raw.githubusercontent.com/apache/sling-tooling-release/master/check_staged_release.sh Usage: sh check_staged_release.sh 2842 /tmp/sling-staging Please vote to approve this release: [ ] +1 Approve the release [ ] 0 Don't care [ ] -1 Don't release, because ... This majority vote is open for at least 72 hours.
[jira] [Updated] (SLING-12268) Fix CVE-2022-47937
[ https://issues.apache.org/jira/browse/SLING-12268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu updated SLING-12268: Fix Version/s: Commons JSON 2.0.22 > Fix CVE-2022-47937 > -- > > Key: SLING-12268 > URL: https://issues.apache.org/jira/browse/SLING-12268 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Assignee: Remo Liechti >Priority: Major > Fix For: Commons JSON 2.0.22 > > > Current version of apache commons json is affected by > [https://nvd.nist.gov/vuln/detail/CVE-2022-47937] > Due to the relicenced base library ([https://github.com/stleary/JSON-java)], > that now uses the 'public domain', the fix of that CVE is as simple as > migrating to the latest codebase of said library. > Along this, it would be beneficial to perform some side activities, such as > the upgrade to the latest parent pom and junit5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (SLING-12268) Fix CVE-2022-47937
[ https://issues.apache.org/jira/browse/SLING-12268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu resolved SLING-12268. - Resolution: Fixed Thanks for the contribution [~rliechti]! > Fix CVE-2022-47937 > -- > > Key: SLING-12268 > URL: https://issues.apache.org/jira/browse/SLING-12268 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Assignee: Remo Liechti >Priority: Major > Fix For: Commons JSON 2.0.22 > > > Current version of apache commons json is affected by > [https://nvd.nist.gov/vuln/detail/CVE-2022-47937] > Due to the relicenced base library ([https://github.com/stleary/JSON-java)], > that now uses the 'public domain', the fix of that CVE is as simple as > migrating to the latest codebase of said library. > Along this, it would be beneficial to perform some side activities, such as > the upgrade to the latest parent pom and junit5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (SLING-12268) Fix CVE-2022-47937
[ https://issues.apache.org/jira/browse/SLING-12268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu reassigned SLING-12268: --- Assignee: Remo Liechti > Fix CVE-2022-47937 > -- > > Key: SLING-12268 > URL: https://issues.apache.org/jira/browse/SLING-12268 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Assignee: Remo Liechti >Priority: Major > > Current version of apache commons json is affected by > [https://nvd.nist.gov/vuln/detail/CVE-2022-47937] > Due to the relicenced base library ([https://github.com/stleary/JSON-java)], > that now uses the 'public domain', the fix of that CVE is as simple as > migrating to the latest codebase of said library. > Along this, it would be beneficial to perform some side activities, such as > the upgrade to the latest parent pom and junit5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SLING-12268) Fix CVE-2022-47937
[ https://issues.apache.org/jira/browse/SLING-12268?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17828315#comment-17828315 ] Remo Liechti commented on SLING-12268: -- the PR is https://github.com/apache/sling-org-apache-sling-commons-json/pull/2 > Fix CVE-2022-47937 > -- > > Key: SLING-12268 > URL: https://issues.apache.org/jira/browse/SLING-12268 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Priority: Major > > Current version of apache commons json is affected by > [https://nvd.nist.gov/vuln/detail/CVE-2022-47937] > Due to the relicenced base library ([https://github.com/stleary/JSON-java)], > that now uses the 'public domain', the fix of that CVE is as simple as > migrating to the latest codebase of said library. > Along this, it would be beneficial to perform some side activities, such as > the upgrade to the latest parent pom and junit5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SLING-12268) Fix CVE-2022-47937
Remo Liechti created SLING-12268: Summary: Fix CVE-2022-47937 Key: SLING-12268 URL: https://issues.apache.org/jira/browse/SLING-12268 Project: Sling Issue Type: Bug Components: Commons Reporter: Remo Liechti Current version of apache commons json is affected by [https://nvd.nist.gov/vuln/detail/CVE-2022-47937] Due to the relicenced base library ([https://github.com/stleary/JSON-java)], that now uses the 'public domain', the fix of that CVE is as simple as migrating to the latest codebase of said library. Along this, it would be beneficial to perform some side activities, such as the upgrade to the latest parent pom and junit5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SLING-12267) Log all paths in case of errors
Christian Schneider created SLING-12267: --- Summary: Log all paths in case of errors Key: SLING-12267 URL: https://issues.apache.org/jira/browse/SLING-12267 Project: Sling Issue Type: Improvement Components: Content Distribution Affects Versions: Content Distribution Journal Core 0.2.0 Reporter: Christian Schneider Assignee: Christian Schneider Fix For: Content Distribution Journal Core 0.3.0 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[Jenkins] Sling » Modules » sling-org-apache-sling-starter » master #1304 is FIXED
Please see https://ci-builds.apache.org/job/Sling/job/modules/job/sling-org-apache-sling-starter/job/master/1304/ for details. No further emails will be sent until the status of the build is changed.