[Bug 66575] Use of ByteBuffer.array() not guarded by hasArray()

2023-04-20 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=66575

--- Comment #5 from Remy Maucherat  ---
(In reply to Christopher Schultz from comment #4)
> Can you submit a PR with a unit test using e.g. a read-only ByteBuffer and
> your proposed change?

I think I'll do it.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Improve optical readability.

2023-04-20 Thread rjung 
This is an automated email from the ASF dual-hosted git repository.

rjung pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 72e7cb6dba Improve optical readability.
72e7cb6dba is described below

commit 72e7cb6dbaeb02943ee2e6c1dda0cbbace73b778
Author: Rainer Jung 
AuthorDate: Thu Apr 20 23:21:52 2023 +0200

Improve optical readability.

Lower case "l" and upper case "I" look very similar.
Use same improved code styling for JsonAccessLogValve
pattern table that is already used for AccessLogValve.
---
 webapps/docs/config/valve.xml | 44 +--
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/webapps/docs/config/valve.xml b/webapps/docs/config/valve.xml
index 2e876defda..936c02b227 100644
--- a/webapps/docs/config/valve.xml
+++ b/webapps/docs/config/valve.xml
@@ -540,28 +540,28 @@
 those are mapped to specific JSON attribute names. The attributes are the
 following:
 
-a: remoteAddr
-A: localAddr
-b: size (byteSent: size)
-B: byteSentNC
-D: elapsedTime
-F: firstByteTime
-h: host
-H: protocol
-l: logicalUserName
-m: method
-p: port
-q: query
-r: request
-s: statusCode
-S: sessionId
-t: time (dateTime: time)
-T: elapsedTimeS
-u: user
-U: path (requestURI: path)
-v: localServerName
-I: threadName
-X: connectionStatus
+%a: remoteAddr
+%A: localAddr
+%b: size (byteSent: size)
+%B: byteSentNC
+%D: elapsedTime
+%F: firstByteTime
+%h: host
+%H: protocol
+%l: logicalUserName
+%m: method
+%p: port
+%q: query
+%r: request
+%s: statusCode
+%S: sessionId
+%t: time (dateTime: time)
+%T: elapsedTimeS
+%u: user
+%U: path (requestURI: path)
+%v: localServerName
+%I: threadName
+%X: connectionStatus
 
 
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.1.x updated: Improve optical readability.

2023-04-20 Thread rjung 
This is an automated email from the ASF dual-hosted git repository.

rjung pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new da78336d01 Improve optical readability.
da78336d01 is described below

commit da78336d010c8edc2d16963c2359255da42f758e
Author: Rainer Jung 
AuthorDate: Thu Apr 20 23:20:18 2023 +0200

Improve optical readability.

Lower case "l" and upper case "I" look very similar.
Use same improved code styling for JsonAccessLogValve
pattern table that is already used for AccessLogValve.
---
 webapps/docs/config/valve.xml | 44 +--
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/webapps/docs/config/valve.xml b/webapps/docs/config/valve.xml
index 5bfcf664c8..f065a2181a 100644
--- a/webapps/docs/config/valve.xml
+++ b/webapps/docs/config/valve.xml
@@ -539,28 +539,28 @@
 those are mapped to specific JSON attribute names. The attributes are the
 following:
 
-a: remoteAddr
-A: localAddr
-b: size (byteSent: size)
-B: byteSentNC
-D: elapsedTime
-F: firstByteTime
-h: host
-H: protocol
-l: logicalUserName
-m: method
-p: port
-q: query
-r: request
-s: statusCode
-S: sessionId
-t: time (dateTime: time)
-T: elapsedTimeS
-u: user
-U: path (requestURI: path)
-v: localServerName
-I: threadName
-X: connectionStatus
+%a: remoteAddr
+%A: localAddr
+%b: size (byteSent: size)
+%B: byteSentNC
+%D: elapsedTime
+%F: firstByteTime
+%h: host
+%H: protocol
+%l: logicalUserName
+%m: method
+%p: port
+%q: query
+%r: request
+%s: statusCode
+%S: sessionId
+%t: time (dateTime: time)
+%T: elapsedTimeS
+%u: user
+%U: path (requestURI: path)
+%v: localServerName
+%I: threadName
+%X: connectionStatus
 
 
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Improve optical readability.

2023-04-20 Thread rjung 
This is an automated email from the ASF dual-hosted git repository.

rjung pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new b4a28b0cd9 Improve optical readability.
b4a28b0cd9 is described below

commit b4a28b0cd913ee6f0bce90e791d1d4d00e9bdf3d
Author: Rainer Jung 
AuthorDate: Thu Apr 20 23:11:14 2023 +0200

Improve optical readability.

Lower case "l" and upper case "I" look very similar.
Use same improved code styling for JsonAccessLogValve
pattern table that is already used for AccessLogValve.
---
 webapps/docs/config/valve.xml | 44 +--
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/webapps/docs/config/valve.xml b/webapps/docs/config/valve.xml
index 45d9b32b14..2c15ed6697 100644
--- a/webapps/docs/config/valve.xml
+++ b/webapps/docs/config/valve.xml
@@ -539,28 +539,28 @@
 those are mapped to specific JSON attribute names. The attributes are the
 following:
 
-a: remoteAddr
-A: localAddr
-b: size (byteSent: size)
-B: byteSentNC
-D: elapsedTime
-F: firstByteTime
-h: host
-H: protocol
-l: logicalUserName
-m: method
-p: port
-q: query
-r: request
-s: statusCode
-S: sessionId
-t: time (dateTime: time)
-T: elapsedTimeS
-u: user
-U: path (requestURI: path)
-v: localServerName
-I: threadName
-X: connectionStatus
+%a: remoteAddr
+%A: localAddr
+%b: size (byteSent: size)
+%B: byteSentNC
+%D: elapsedTime
+%F: firstByteTime
+%h: host
+%H: protocol
+%l: logicalUserName
+%m: method
+%p: port
+%q: query
+%r: request
+%s: statusCode
+%S: sessionId
+%t: time (dateTime: time)
+%T: elapsedTimeS
+%u: user
+%U: path (requestURI: path)
+%v: localServerName
+%I: threadName
+%X: connectionStatus
 
 
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66575] Use of ByteBuffer.array() not guarded by hasArray()

2023-04-20 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=66575

--- Comment #4 from Christopher Schultz  ---
Can you submit a PR with a unit test using e.g. a read-only ByteBuffer and your
proposed change?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: sendfile and async?

2023-04-20 Thread Christopher Schultz 

Rmoain,

On 4/20/23 15:27, Romain Manni-Bucau wrote:

I just notice using nio connector+sendfile+asynccontext seems quite not
functional, is it intended?

>

My original intent was to add a kind of pre-hook to DefaultServlet which
was async (nio http client) so wanted to use asynccontext then delegate to
super.doGet (more or less) but I got this sendfile issue with such a mode.
Is it intended or just part of the code which didnt get enough love?


Can you give a little more detail?

You wanted to subclass DefaultServlet but delegate to super.doGet under 
some cases, right? Do you always enter async mode, then delegate? What 
error/failure do you get?


-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66574] Deadlock in websocket code

2023-04-20 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=66574

Christopher Schultz  changed:

   What|Removed |Added

 Status|NEW |NEEDINFO

--- Comment #2 from Christopher Schultz  ---
I don't see deadlock, here.

Thread 615 is waiting for 0x000743e004f8 and owns a lock on
0x0006cf2712d8.
Thread 713 is waiting for 0x000743e008a8 and owns locks for
0x00070362a330 and 0x000743e004f8

Thus, thread 713 is waiting on Thread 615, but Thread 615 isn't waiting on
Thread 713.

Unless there are more threads participating, here, then this is not a deadlock.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

sendfile and async?

2023-04-20 Thread Romain Manni-Bucau 
Hi all,

I just notice using nio connector+sendfile+asynccontext seems quite not
functional, is it intended?
My original intent was to add a kind of pre-hook to DefaultServlet which
was async (nio http client) so wanted to use asynccontext then delegate to
super.doGet (more or less) but I got this sendfile issue with such a mode.
Is it intended or just part of the code which didnt get enough love?

Best,
Romain Manni-Bucau
@rmannibucau  |  Blog
 | Old Blog
 | Github  |
LinkedIn  | Book

[Bug 66574] Deadlock in websocket code

2023-04-20 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=66574

--- Comment #1 from Boris Petrov  ---
I want to mention something that I'm noticing which might not be true but so
far that's always been the case. Whenever this deadlock happens, there's only
ONE such pair of threads with the stacktraces I posted. Before when I had the
similar problems (in the other issue I linked) this wasn't so - there were
many, many blocked threads. Now it seems there's only one pair. Again, not sure
this is true but seems so from a few hours of testing. Hopefully that could
help with debugging.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-training] branch dependabot/npm_and_yarn/lodash-4.17.21 created (now 5fd1ff3)

2023-04-20 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch dependabot/npm_and_yarn/lodash-4.17.21
in repository https://gitbox.apache.org/repos/asf/tomcat-training.git


  at 5fd1ff3  Bump lodash from 3.7.0 to 4.17.21

No new revisions were added by this update.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat-training] dependabot[bot] opened a new pull request, #17: Bump lodash from 3.7.0 to 4.17.21

2023-04-20 Thread via GitHub 


dependabot[bot] opened a new pull request, #17:
URL: https://github.com/apache/tomcat-training/pull/17

   Bumps [lodash](https://github.com/lodash/lodash) from 3.7.0 to 4.17.21.
   
   Release notes
   Sourced from https://github.com/lodash/lodash/releases;>lodash's releases.
   
   4.0.0
   https://github.com/lodash/lodash/wiki/Changelog#v400;>lodash 
v4.0.0
   2015 was big year! https://lodash.com/;>Lodash became the https://gist.github.com/anvaka/8e8fa57c7ee1350e3491#file-01-most-dependent-upon-md;>most
 depended on npm package, passed http://npm-stat.com/charts.html?package=author=jdalton;>1 
billion downloads,  its v3 release saw massive adoption!
   The year was also one of collaboration, as discussions began on https://redirect.github.com/underdash/underdash/issues/14;>merging Lodash 
 Underscore. Much of Lodash v4 is proofing out the ideas from those 
discussions. Lodash v4 would not be possible without the 
collaboration  contributions of the Underscore core team. In the spirit of 
merging our teams have blended with https://github.com/orgs/lodash/people;>several members contributing 
to both libraries.
   For 2016  https://github.com/lodash/lodash/wiki/Changelog#v400;>lodash v4.0.0 
we wanted to cut loose, push forward,  take things up a notch!
   Modern only
   With v4 we’re breaking free from https://github.com/lodash-archive;>old projects, old environments, 
 dropping https://www.microsoft.com/en-us/WindowsForBusiness/End-of-IE-support;>old 
IE  9 support!
   4 kB Core
   Lodash’s kitchen-sink size will continue to grow as new methods  
functionality are added. However, we now offer a 4 kB (gzipped) https://github.com/lodash/lodash/tree/4.0.0/dist;>core build that’s 
compatible with https://redirect.github.com/jashkenas/backbone/issues/3839;>Backbone 
v1.2.4 for folks who want Lodash without lugging around the kitchen 
sink.
   More ES6
   We’ve continued to embrace ES6 with methods like https://lodash.com/docs#isSymbol;>_.isSymbol, added support for 
cloning  comparing array buffers, maps, sets,  symbols, converting 
iterators to arrays,  iterable _(…).
   In addition, we’ve published an https://github.com/lodash/lodash/tree/4.0.0-es/;>es-build  
pulled https://github.com/lodash/babel-plugin-lodash;>babel-plugin-lodash 
into core to make tree-shaking a breeze.
   More Modular
   Pop quiz! 
   What category path does the bindAll method belong to? Is 
it
   A) require('lodash/function/bindAll')
   B) require('lodash/utility/bindAll')
   C) require('lodash/util/bindAll')
   Don’t know? Well, with v4 it doesn’t matter because now module paths are 
as simple as
   var bindAll = require('lodash/bindAll');
   
   We’ve also reduced module complexity making it easier to create smaller 
bundles. This has helped Lodash adoption with libraries like https://redirect.github.com/caolan/async/pull/996;>Async  https://redirect.github.com/rackt/redux/pull/611;>Redux!
   1st Class FP
   With v3 we introduced https://github.com/lodash-archive/lodash-fp;>lodash-fp. We learned a 
lot  with v4 we decided to https://github.com/lodash/lodash/wiki/FP-Guide;>pull it into core.
   Now you can get immutable, auto-curried, iteratee-first, data-last 
methods as simply as
   var _ = require('lodash/fp');
   var object = { 'a': 1 };
   /tr/table 
   
   
   ... (truncated)
   
   
   Commits
   
   https://github.com/lodash/lodash/commit/f299b52f39486275a9e6483b60a410e06520c538;>f299b52
 Bump to v4.17.21
   https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a;>c4847eb
 Improve performance of toNumber, trim and 
trimEnd on large input strings
   https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c;>3469357
 Prevent command injection through _.template's 
variable option
   https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a;>ded9bc6
 Bump to v4.17.20.
   https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa;>63150ef
 Documentation fixes.
   https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794;>00f0f62
 test.js: Remove trailing comma.
   https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389;>846e434
 Temporarily use a custom fork of lodash-cli.
   https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229;>5d046f3
 Re-enable Travis tests on 4.17 branch.
   https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd;>aa816b3
 Remove /npm-package.
   https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056;>d7fbc52
 Bump to v4.17.19
   Additional commits viewable in https://github.com/lodash/lodash/compare/3.7.0...4.17.21;>compare 
view
   
   
   
   Maintainer changes
   This version was pushed to npm by https://www.npmjs.com/~bnjmnt4n;>bnjmnt4n, a new releaser for lodash 
since your current version.
   
   
   
   
   [![Dependabot compatibility

[tomcat-training] branch dependabot/npm_and_yarn/ms-2.0.0 created (now d188a4d)

2023-04-20 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch dependabot/npm_and_yarn/ms-2.0.0
in repository https://gitbox.apache.org/repos/asf/tomcat-training.git


  at d188a4d  Bump ms from 0.7.1 to 2.0.0

No new revisions were added by this update.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-training] branch dependabot/npm_and_yarn/debug-2.6.9 created (now ba4212a)

2023-04-20 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch dependabot/npm_and_yarn/debug-2.6.9
in repository https://gitbox.apache.org/repos/asf/tomcat-training.git


  at ba4212a  Bump debug from 2.2.0 to 2.6.9

No new revisions were added by this update.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-training] branch dependabot/npm_and_yarn/json-schema-0.4.0 created (now 3fd0fb7)

2023-04-20 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch dependabot/npm_and_yarn/json-schema-0.4.0
in repository https://gitbox.apache.org/repos/asf/tomcat-training.git


  at 3fd0fb7  Bump json-schema from 0.2.3 to 0.4.0

No new revisions were added by this update.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat-training] dependabot[bot] opened a new pull request, #16: Bump debug from 2.2.0 to 2.6.9

2023-04-20 Thread via GitHub 


dependabot[bot] opened a new pull request, #16:
URL: https://github.com/apache/tomcat-training/pull/16

   Bumps [debug](https://github.com/debug-js/debug) from 2.2.0 to 2.6.9.
   
   Release notes
   Sourced from https://github.com/debug-js/debug/releases;>debug's releases.
   
   2.6.9
   Patches
   
   Remove ReDoS regexp in %o formatter: https://redirect.github.com/debug-js/debug/issues/504;>#504
   
   Credits
   Huge thanks to https://github.com/zhuangya;>@​zhuangya for their 
help!
   release 2.6.7
   No release notes provided.
   release 2.6.6
   No release notes provided.
   release 2.6.5
   No release notes provided.
   release 2.6.4
   No release notes provided.
   release 2.6.3
   No release notes provided.
   release 2.6.2
   No release notes provided.
   release 2.6.1
   No release notes provided.
   release 2.6.0
   No release notes provided.
   release 2.5.2
   No release notes provided.
   release 2.5.1
   No release notes provided.
   release 2.4.5
   No release notes provided.
   release 2.4.4
   No release notes provided.
   release 2.4.3
   No release notes provided.
   release 2.4.2
   No release notes provided.
   
   
   ... (truncated)
   
   
   Changelog
   Sourced from https://github.com/debug-js/debug/blob/2.6.9/CHANGELOG.md;>debug's 
changelog.
   
   2.6.9 / 2017-09-22
   
   remove ReDoS regexp in %o formatter (https://redirect.github.com/debug-js/debug/issues/504;>#504)
   
   2.6.8 / 2017-05-18
   
   Fix: Check for undefined on browser globals (https://redirect.github.com/debug-js/debug/issues/462;>#462, https://github.com/marbemac;>@​marbemac)
   
   2.6.7 / 2017-05-16
   
   Fix: Update ms to 2.0.0 to fix regular expression denial of service 
vulnerability (https://redirect.github.com/debug-js/debug/issues/458;>#458, https://github.com/hubdotcom;>@​hubdotcom)
   Fix: Inline extend function in node implementation (https://redirect.github.com/debug-js/debug/issues/452;>#452, https://github.com/dougwilson;>@​dougwilson)
   Docs: Fix typo (https://redirect.github.com/debug-js/debug/issues/455;>#455, https://github.com/msasad;>@​msasad)
   
   2.6.5 / 2017-04-27
   
   Fix: null reference check on 
window.documentElement.style.WebkitAppearance (https://redirect.github.com/debug-js/debug/issues/447;>#447, https://github.com/thebigredgeek;>@​thebigredgeek)
   Misc: clean up browser reference checks (https://redirect.github.com/debug-js/debug/issues/447;>#447, https://github.com/thebigredgeek;>@​thebigredgeek)
   Misc: add npm-debug.log to .gitignore (https://github.com/thebigredgeek;>@​thebigredgeek)
   
   2.6.4 / 2017-04-20
   
   Fix: bug that would occure if process.env.DEBUG is a non-string value. 
(https://redirect.github.com/debug-js/debug/issues/444;>#444, https://github.com/LucianBuzzo;>@​LucianBuzzo)
   Chore: ignore bower.json in npm installations. (https://redirect.github.com/debug-js/debug/issues/437;>#437, https://github.com/joaovieira;>@​joaovieira)
   Misc: update ms to v0.7.3 (https://github.com/tootallnate;>@​tootallnate)
   
   2.6.3 / 2017-03-13
   
   Fix: Electron reference to process.env.DEBUG (https://redirect.github.com/debug-js/debug/issues/431;>#431, https://github.com/paulcbetts;>@​paulcbetts)
   Docs: Changelog fix (https://github.com/thebigredgeek;>@​thebigredgeek)
   
   2.6.2 / 2017-03-10
   
   Fix: DEBUG_MAX_ARRAY_LENGTH (https://redirect.github.com/debug-js/debug/issues/420;>#420, https://github.com/slavaGanzin;>@​slavaGanzin)
   Docs: Add backers and sponsors from Open Collective (https://redirect.github.com/debug-js/debug/issues/422;>#422, https://github.com/piamancini;>@​piamancini)
   Docs: Add Slackin invite badge (https://github.com/tootallnate;>@​tootallnate)
   
   2.6.1 / 2017-02-10
   
   Fix: Module's export default syntax fix for IE8 
Expected identifier error
   Fix: Whitelist DEBUG_FD for values 1 and 2 only (https://redirect.github.com/debug-js/debug/issues/415;>#415, https://github.com/pi0;>@​pi0)
   
   
   
   ... (truncated)
   
   
   Commits
   
   https://github.com/debug-js/debug/commit/13abeae468fea297d0dccc50bc55590809241083;>13abeae
 Release 2.6.9
   https://github.com/debug-js/debug/commit/f53962e944a87e6ca9bb622a2a12dffc22a9bb5a;>f53962e
 remove ReDoS regexp in %o formatter (https://redirect.github.com/debug-js/debug/issues/504;>#504)
   https://github.com/debug-js/debug/commit/52e1f21284322f167839e5d3a60f635c8b2dc842;>52e1f21
 Release 2.6.8
   https://github.com/debug-js/debug/commit/2482e08e4ef36416154ee27e9a2d60e568a01d48;>2482e08
 Check for undefined on browser globals (https://redirect.github.com/debug-js/debug/issues/462;>#462)
   https://github.com/debug-js/debug/commit/6bb07f7e1bafa33631d8f36a779f17eb8abf5fea;>6bb07f7
 release 2.6.7
   https://github.com/debug-js/debug/commit/15850cb89debc3a2cd0b61ef7f9e298f257506cc;>15850cb
 Fix Regular Expression Denial of Service (ReDoS)
   https://github.com/debug-js/debug/commit/4a6c85c6018a4a4cff4b04f40173ca9d2c72c1da;>4a6c85c
 update debug to v1.0.0

[GitHub] [tomcat-training] dependabot[bot] opened a new pull request, #15: Bump ms from 0.7.1 to 2.0.0

2023-04-20 Thread via GitHub 


dependabot[bot] opened a new pull request, #15:
URL: https://github.com/apache/tomcat-training/pull/15

   Bumps [ms](https://github.com/vercel/ms) from 0.7.1 to 2.0.0.
   
   Release notes
   Sourced from https://github.com/vercel/ms/releases;>ms's 
releases.
   
   2.0.0
   Major Changes
   
   Limit str to 100 to avoid ReDoS of 0.3s: https://redirect.github.com/vercel/ms/issues/89;>#89
   
   Patches
   
   Ignored logs coming from npm: 
b1eaab752203e978492a4d540a7ae1d26e6306b1
   Bumped dependencies to the latest version: 
bcf57157678fd5afc691383145a35e116f9704d0
   Invalidated cache for slack badge: 
94b995c1d6d5d13ec976a0c6849a3cca9b277e6b
   
   Credits
   Huge thanks to https://github.com/karenyavine;>@​karenyavine for their 
help!
   1.0.0
   Major Changes
   
   Removed component specification: 
1fbbe974cdcad96e592dcb65a7b2a8649f690420
   
   Patches
   
   Test on LTS version of Node: 
c9b1fd319f0f9198d85ecf4ba83e46cc1216be04
   Removed XO: 94068ea6d518387670df277f740b1abada80ed48
   Use prettier and eslint: 
57b3ef8e3423cae6254f94c5564a11b4492cff43
   Badge for XO removed: 389840b329436117741b2ef13a172725082695b9
   Removed browser testing: e818c3581aca3119c00d81901bfe8fe653bcfda4
   More suitable name for file containing tests: 
ee91f307a8dc3581ebdad614ec0533ddb3d8bf56
   
   0.7.3
   Patches
   
   Mark options param as optional in jsdoc: https://redirect.github.com/vercel/ms/issues/77;>#77
   Lowercased text files: 5f0653ab192a30301aed8668b4588a87975b41ab
   Pinned dependencies: 126d7f094a1836b991c8d0abfeb4d0ce09ac280f
   Chore(package): update serve to version 5.0.1: https://redirect.github.com/vercel/ms/issues/81;>#81
   
   Credits
   Huge thanks to https://github.com/Jokero;>@​Jokero for their help!
   0.7.2
   Patches 
   
   Added license field to package.json file: https://redirect.github.com/zeit/ms/pull/42;>zeit/ms#42
   Renamed long and short (reserved keywords): https://redirect.github.com/zeit/ms/pull/53;>zeit/ms#53
   Capitalized important files: b2d9f9d
   Specified version numbers for devDependencies in 
package.json: abd3616
   Updated license file to the latest version: 5d53ae8
   Only upload important files to npm, instead of excluding certain ones: 
2b2f02a
   Adjusted name of repository in package.json: e84f95d
   
   
   
   ... (truncated)
   
   
   Commits
   
   https://github.com/vercel/ms/commit/9b88d1568a52ec9bb67ecc8d2aa224fa38fd41f4;>9b88d15
 2.0.0
   https://github.com/vercel/ms/commit/94b995c1d6d5d13ec976a0c6849a3cca9b277e6b;>94b995c
 Invalidated cache for slack badge
   https://github.com/vercel/ms/commit/bcf57157678fd5afc691383145a35e116f9704d0;>bcf5715
 Bumped dependencies to the latest version
   https://github.com/vercel/ms/commit/b1eaab752203e978492a4d540a7ae1d26e6306b1;>b1eaab7
 Ignored logs coming from npm
   https://github.com/vercel/ms/commit/caae2988ba2a37765d055c4eee63d383320ee662;>caae298
 Limit str to 100 to avoid ReDoS of 0.3s (https://redirect.github.com/vercel/ms/issues/89;>#89)
   https://github.com/vercel/ms/commit/b83b36d7266fb1bd779fd19a2f98bab17a04d999;>b83b36d
 chore(package): update eslint to version 3.19.0 (https://redirect.github.com/vercel/ms/issues/88;>#88)
   https://github.com/vercel/ms/commit/3f2a4d71eda1b12bd5d625cce6777bd3604e8923;>3f2a4d7
 chore(package): update husky to version 0.13.3 (https://redirect.github.com/vercel/ms/issues/86;>#86)
   https://github.com/vercel/ms/commit/7daf984a9011e720cc3c165ed82c4506f3471b37;>7daf984
 1.0.0
   https://github.com/vercel/ms/commit/ee91f307a8dc3581ebdad614ec0533ddb3d8bf56;>ee91f30
 More suitable name for file containing tests
   https://github.com/vercel/ms/commit/e818c3581aca3119c00d81901bfe8fe653bcfda4;>e818c35
 Removed browser testing
   Additional commits viewable in https://github.com/vercel/ms/compare/0.7.1...2.0.0;>compare view
   
   
   
   Maintainer changes
   This version was pushed to npm by https://www.npmjs.com/~leo;>leo, a new releaser for ms since your 
current version.
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ms=npm_and_yarn=0.7.1=2.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot

[GitHub] [tomcat-training] dependabot[bot] opened a new pull request, #14: Bump json-schema from 0.2.3 to 0.4.0

2023-04-20 Thread via GitHub 


dependabot[bot] opened a new pull request, #14:
URL: https://github.com/apache/tomcat-training/pull/14

   Bumps [json-schema](https://github.com/kriszyp/json-schema) from 0.2.3 to 
0.4.0.
   
   Commits
   
   https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa;>f6f6a3b
 Use a little more robust method of checking instances
   https://github.com/kriszyp/json-schema/commit/ef60987a9a14b9d9c739384460044ba53cd9b9a2;>ef60987
 Update version
   https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a;>b62f1da
 Protect against constructor modification, https://redirect.github.com/kriszyp/json-schema/issues/84;>#84
   https://github.com/kriszyp/json-schema/commit/fb427cd4d175684786e4b2538718e72453e825e9;>fb427cd
 Link to json-schema-org repository in addition to site, fixes https://redirect.github.com/kriszyp/json-schema/issues/54;>#54
   https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741;>22f1461
 Don't allow proto property to be used for schema 
default/coerce, fixes https://redirect.github.com/kriszyp/json-schema/issues/84;>#84
   https://github.com/kriszyp/json-schema/commit/c52a27c653428149e4f9fb776d5e110d04639a9c;>c52a27c
 Get basic test to pass
   https://github.com/kriszyp/json-schema/commit/b3f42b3331608fe83b6cc267c5fc513ec1b839ed;>b3f42b3
 Add security policy
   https://github.com/kriszyp/json-schema/commit/3b0cec3042a5aac5c967fd43475f5edc4c5b6eff;>3b0cec3
 Update version
   https://github.com/kriszyp/json-schema/commit/c28470f2d64bace29c73d140f9c6876e3c3a9fef;>c28470f
 Update readme to acknowledge the state of the package
   https://github.com/kriszyp/json-schema/commit/7dff9cd2c35c31ff3c43fa4e38737c94283dd3d3;>7dff9cd
 Merge pull request https://redirect.github.com/kriszyp/json-schema/issues/81;>#81 from 
hodovani/patch-1
   Additional commits viewable in https://github.com/kriszyp/json-schema/compare/v0.2.3...v0.4.0;>compare 
view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json-schema=npm_and_yarn=0.2.3=0.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   You can disable automated security fix PRs for this repo from the [Security 
Alerts page](https://github.com/apache/tomcat-training/network/alerts).
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66575] Use of ByteBuffer.array() not guarded by hasArray()

2023-04-20 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=66575

--- Comment #3 from Mark Koszykowski  ---
In the specific example of the `PerMessageDeflate`, the issue of the
ReadOnlyException can seemingly be resolved by instead using the
`setInput​(ByteBuffer input)` method on the uncompressedPayload in 
`sendMessagePart(List uncompressedParts)`.

This method appears to account for different ByteBuffer access scenarios like
this, and in my testing was able to resolve issues reported in the Spring
Framework.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66575] Use of ByteBuffer.array() not guarded by hasArray()

2023-04-20 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=66575

Simon Baslé  changed:

   What|Removed |Added

 Status|NEEDINFO|NEW

--- Comment #2 from Simon Baslé  ---
Sorry if I came across as a little blunt or if it sounded like I was reporting
something just for the sake of perceived correctness. I should have focused on
the fact and let you decide the way forward accordingly, I really just wanted
to be thorough and helpful.

Also, please disregard my comment about unguarded `array()` calls in other
places, I expect that in most cases the buffers are created by Tomcat so code
can assume that these are heap buffers (not direct, not read-only).

But this is indeed based on actual use, according to a report from a Spring
Framework user.

Spring sends a read-only `ByteBuffer` to a WebSocket endpoint via
`RemoteEndpoint.Async#sendBinary`. The user reports that with Tomcat this leads
to a `ReadOnlyBufferException` from the `PerMessageDeflate`.

>From what I can see, the `ByteBuffer` passed to the endpoint is passed along to
`Transformation`s which in this case includes the `PerMessageDeflate`. It ends
up being used as the _input_ to the `Deflater`.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66575] Use of ByteBuffer.array() not guarded by hasArray()

2023-04-20 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=66575

Remy Maucherat  changed:

   What|Removed |Added

 Status|NEW |NEEDINFO

--- Comment #1 from Remy Maucherat  ---
Are you filing this issue as a general statement, or is this based on actual
use ? Using direct ByteBuffers in user APIs likes this absolutely makes no
sense at all (obviously).

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66575] New: Use of ByteBuffer.array() not guarded by hasArray()

2023-04-20 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=66575

Bug ID: 66575
   Summary: Use of ByteBuffer.array() not guarded by hasArray()
   Product: Tomcat 10
   Version: unspecified
  Hardware: PC
OS: Mac OS X 10.1
Status: NEW
  Severity: normal
  Priority: P2
 Component: WebSocket
  Assignee: dev@tomcat.apache.org
  Reporter: simon.ba...@gmail.com
  Target Milestone: --

This is just an example, and I'm pretty sure this is also the case in other
classes, but in `org.apache.tomcat.websocket.PerMessageDeflate.java` a
`ByteBuffer` is turned into a `byte[]` in order to deflate the payload, using
the
`array()` method (see source:
https://github.com/apache/tomcat/blob/main/java/org/apache/tomcat/websocket/PerMessageDeflate.java#L332)

The trouble is that not all `ByteBuffers` are backed by an `array()` or can
return the `array()`: 
 - direct buffers are not backed by a `byte[]` at all
 - read-only buffers refuse to return their backing array (because it could be
used to modify the contents)

This is well documented in the `ByteBuffer` javadoc which says that such
accesses should be guarded by `hasArray()`.


The alternative (and portable) way of accessing the bytes for a read is to use
one of the various `get(...)` methods, reading the bytes into a `byte[]`.
Note that this implies a copy.

Perhaps there should be a utility method in place for reading `byte[]` out of a
`ByteBuffer` in Tomcat, using `array()` when possible (0-copy) and a variant of
`get` otherwise?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix typos

2023-04-20 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new b6adb83b84 Fix typos
b6adb83b84 is described below

commit b6adb83b8455dc6c35d64affa619a385c4237d0d
Author: Mark Thomas 
AuthorDate: Thu Apr 20 08:54:19 2023 +0100

Fix typos
---
 webapps/docs/changelog.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f31545789f..5bb0b25529 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -168,7 +168,7 @@
   
 66541: Improve handling for cached resources for resources
 that use custom URL schemes. The scheme specific equals()
-and hashcode() algorithms, if present, will now be used 
for
+and hashCode() algorithms, if present, will now be used 
for
 URLs for these resources. This addresses a potential performance issue
 with some OSGi custom URL schemes that can trigger potentially slow DNS
 lookups in some configurations. Based on a patch provided by Tom
@@ -285,7 +285,7 @@
 Update Jacoco to 0.8.9. (markt)
   
   
-Enhance PEMFile to laod from an InputStream. Patch provided by
+Enhance PEMFile to load from an InputStream. Patch provided by
 Romain Manni-Bucau. (schultz)
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Fix typos

2023-04-20 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 05c5258cb7 Fix typos
05c5258cb7 is described below

commit 05c5258cb75c49c1433f4174c478d4fac28bd6a5
Author: Mark Thomas 
AuthorDate: Thu Apr 20 08:54:19 2023 +0100

Fix typos
---
 webapps/docs/changelog.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index da3c2e2768..57ad80dd43 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -173,7 +173,7 @@
   
 66541: Improve handling for cached resources for resources
 that use custom URL schemes. The scheme specific equals()
-and hashcode() algorithms, if present, will now be used 
for
+and hashCode() algorithms, if present, will now be used 
for
 URLs for these resources. This addresses a potential performance issue
 with some OSGi custom URL schemes that can trigger potentially slow DNS
 lookups in some configurations. Based on a patch provided by Tom
@@ -300,7 +300,7 @@
 Update Jacoco to 0.8.9. (markt)
   
   
-Enhance PEMFile to laod from an InputStream. Patch provided by
+Enhance PEMFile to load from an InputStream. Patch provided by
 Romain Manni-Bucau. (schultz)
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.1.x updated: Fix typos

2023-04-20 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 575111c294 Fix typos
575111c294 is described below

commit 575111c2946925afffc144b013e5ce8cd8eb832f
Author: Mark Thomas 
AuthorDate: Thu Apr 20 08:54:19 2023 +0100

Fix typos
---
 webapps/docs/changelog.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 12b054f500..f2e39daa88 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -173,7 +173,7 @@
   
 66541: Improve handling for cached resources for resources
 that use custom URL schemes. The scheme specific equals()
-and hashcode() algorithms, if present, will now be used 
for
+and hashCode() algorithms, if present, will now be used 
for
 URLs for these resources. This addresses a potential performance issue
 with some OSGi custom URL schemes that can trigger potentially slow DNS
 lookups in some configurations. Based on a patch provided by Tom
@@ -318,7 +318,7 @@
 Update Jacoco to 0.8.9. (markt)
   
   
-Enhance PEMFile to laod from an InputStream. Patch provided by
+Enhance PEMFile to load from an InputStream. Patch provided by
 Romain Manni-Bucau. (schultz)
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Fix typos

2023-04-20 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 6ebd61aea0 Fix typos
6ebd61aea0 is described below

commit 6ebd61aea08bcdf0bc8b0f9725a9bba05b7ea40d
Author: Mark Thomas 
AuthorDate: Thu Apr 20 08:54:19 2023 +0100

Fix typos
---
 webapps/docs/changelog.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index bf51f97cfa..8d738158f1 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -187,7 +187,7 @@
   
 66541: Improve handling for cached resources for resources
 that use custom URL schemes. The scheme specific equals()
-and hashcode() algorithms, if present, will now be used 
for
+and hashCode() algorithms, if present, will now be used 
for
 URLs for these resources. This addresses a potential performance issue
 with some OSGi custom URL schemes that can trigger potentially slow DNS
 lookups in some configurations. Based on a patch provided by Tom
@@ -341,7 +341,7 @@
 Update Jacoco to 0.8.9. (markt)
   
   
-Enhance PEMFile to laod from an InputStream. Patch provided by
+Enhance PEMFile to load from an InputStream. Patch provided by
 Romain Manni-Bucau. (schultz)
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Add support for gb18030-2022 introduced in Java 21

2023-04-20 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 286e574b45 Add support for gb18030-2022 introduced in Java 21
286e574b45 is described below

commit 286e574b45b618ead723427ba82fa3fda8e5dcf7
Author: Mark Thomas 
AuthorDate: Thu Apr 20 08:51:40 2023 +0100

Add support for gb18030-2022 introduced in Java 21
---
 java/org/apache/tomcat/util/buf/CharsetCache.java | 4 +++-
 webapps/docs/changelog.xml| 8 
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/tomcat/util/buf/CharsetCache.java 
b/java/org/apache/tomcat/util/buf/CharsetCache.java
index 4474bee3c9..b26033bb1f 100644
--- a/java/org/apache/tomcat/util/buf/CharsetCache.java
+++ b/java/org/apache/tomcat/util/buf/CharsetCache.java
@@ -153,7 +153,9 @@ public class CharsetCache {
 // Added from OpenJDK 15 ea24
 "iso8859_16",
 // Added from HPE JVM 1.8.0.17-hp-ux
-"cp1051", "cp1386", "cshproman8", "hp-roman8", "ibm-1051", "r8", 
"roman8", "roman9"
+"cp1051", "cp1386", "cshproman8", "hp-roman8", "ibm-1051", "r8", 
"roman8", "roman9",
+// Added from OpenJDK 21 ea18
+"gb18030-2022"
 // If you add and entry to this list, ensure you run
 // TestCharsetUtil#testIsAcsiiSupersetAll()
 };
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 4d4f471e22..f31545789f 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -113,6 +113,14 @@
   
 
   
+  
+
+  
+Add support for a new character set, gb18030-2022 -
+introduced in Java 21, to the character set caching mechanism. (markt)
+  
+
+  
 
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Add support for gb18030-2022 introduced in Java 21

2023-04-20 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new bc4c185c7e Add support for gb18030-2022 introduced in Java 21
bc4c185c7e is described below

commit bc4c185c7eea4ba410897bbea5a6f54d6b3cae94
Author: Mark Thomas 
AuthorDate: Thu Apr 20 08:51:40 2023 +0100

Add support for gb18030-2022 introduced in Java 21
---
 java/org/apache/tomcat/util/buf/CharsetCache.java | 4 +++-
 webapps/docs/changelog.xml| 8 
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/tomcat/util/buf/CharsetCache.java 
b/java/org/apache/tomcat/util/buf/CharsetCache.java
index 4474bee3c9..b26033bb1f 100644
--- a/java/org/apache/tomcat/util/buf/CharsetCache.java
+++ b/java/org/apache/tomcat/util/buf/CharsetCache.java
@@ -153,7 +153,9 @@ public class CharsetCache {
 // Added from OpenJDK 15 ea24
 "iso8859_16",
 // Added from HPE JVM 1.8.0.17-hp-ux
-"cp1051", "cp1386", "cshproman8", "hp-roman8", "ibm-1051", "r8", 
"roman8", "roman9"
+"cp1051", "cp1386", "cshproman8", "hp-roman8", "ibm-1051", "r8", 
"roman8", "roman9",
+// Added from OpenJDK 21 ea18
+"gb18030-2022"
 // If you add and entry to this list, ensure you run
 // TestCharsetUtil#testIsAcsiiSupersetAll()
 };
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 9908aa6eb9..da3c2e2768 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -113,6 +113,14 @@
   
 
   
+  
+
+  
+Add support for a new character set, gb18030-2022 -
+introduced in Java 21, to the character set caching mechanism. (markt)
+  
+
+  
 
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.1.x updated: Add support for gb18030-2022 introduced in Java 21

2023-04-20 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 1ef0e9f808 Add support for gb18030-2022 introduced in Java 21
1ef0e9f808 is described below

commit 1ef0e9f808b727f50142dcaeef9de7838126bd8f
Author: Mark Thomas 
AuthorDate: Thu Apr 20 08:51:40 2023 +0100

Add support for gb18030-2022 introduced in Java 21
---
 java/org/apache/tomcat/util/buf/CharsetCache.java | 4 +++-
 webapps/docs/changelog.xml| 8 
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/tomcat/util/buf/CharsetCache.java 
b/java/org/apache/tomcat/util/buf/CharsetCache.java
index 4474bee3c9..b26033bb1f 100644
--- a/java/org/apache/tomcat/util/buf/CharsetCache.java
+++ b/java/org/apache/tomcat/util/buf/CharsetCache.java
@@ -153,7 +153,9 @@ public class CharsetCache {
 // Added from OpenJDK 15 ea24
 "iso8859_16",
 // Added from HPE JVM 1.8.0.17-hp-ux
-"cp1051", "cp1386", "cshproman8", "hp-roman8", "ibm-1051", "r8", 
"roman8", "roman9"
+"cp1051", "cp1386", "cshproman8", "hp-roman8", "ibm-1051", "r8", 
"roman8", "roman9",
+// Added from OpenJDK 21 ea18
+"gb18030-2022"
 // If you add and entry to this list, ensure you run
 // TestCharsetUtil#testIsAcsiiSupersetAll()
 };
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 11e33bab3c..12b054f500 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -113,6 +113,14 @@
   
 
   
+  
+
+  
+Add support for a new character set, gb18030-2022 -
+introduced in Java 21, to the character set caching mechanism. (markt)
+  
+
+  
 
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Add support for gb18030-2022 introduced in Java 21

2023-04-20 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new c41f72fada Add support for gb18030-2022 introduced in Java 21
c41f72fada is described below

commit c41f72fadab3f887414ae9801f89ffce1a19a6ef
Author: Mark Thomas 
AuthorDate: Thu Apr 20 08:51:40 2023 +0100

Add support for gb18030-2022 introduced in Java 21
---
 java/org/apache/tomcat/util/buf/CharsetCache.java | 4 +++-
 webapps/docs/changelog.xml| 8 
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/tomcat/util/buf/CharsetCache.java 
b/java/org/apache/tomcat/util/buf/CharsetCache.java
index 4474bee3c9..b26033bb1f 100644
--- a/java/org/apache/tomcat/util/buf/CharsetCache.java
+++ b/java/org/apache/tomcat/util/buf/CharsetCache.java
@@ -153,7 +153,9 @@ public class CharsetCache {
 // Added from OpenJDK 15 ea24
 "iso8859_16",
 // Added from HPE JVM 1.8.0.17-hp-ux
-"cp1051", "cp1386", "cshproman8", "hp-roman8", "ibm-1051", "r8", 
"roman8", "roman9"
+"cp1051", "cp1386", "cshproman8", "hp-roman8", "ibm-1051", "r8", 
"roman8", "roman9",
+// Added from OpenJDK 21 ea18
+"gb18030-2022"
 // If you add and entry to this list, ensure you run
 // TestCharsetUtil#testIsAcsiiSupersetAll()
 };
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 71e2067b31..bf51f97cfa 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -113,6 +113,14 @@
   
 
   
+  
+
+  
+Add support for a new character set, gb18030-2022 -
+introduced in Java 21, to the character set caching mechanism. (markt)
+  
+
+  
 
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66574] New: Deadlock in websocket code

2023-04-20 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=66574

Bug ID: 66574
   Summary: Deadlock in websocket code
   Product: Tomcat 9
   Version: 9.0.74
  Hardware: PC
OS: Linux
Status: NEW
  Severity: regression
  Priority: P2
 Component: WebSocket
  Assignee: dev@tomcat.apache.org
  Reporter: boris_pet...@live.com
  Target Milestone: -

I believe this is a regression from 9.0.73 - that is, I never encountered that
issue with 9.0.73 (which of course doesn't say that it wasn't there but with
9.0.74 it happens very often so...).

I think it's closely related to (or the same as) these:

https://bz.apache.org/bugzilla/show_bug.cgi?id=63191
https://bz.apache.org/bugzilla/show_bug.cgi?id=66531

The first issue I opened a few years ago. Then, around Tomcat 9.0.71 it stopped
appearing and all was fine. 9.0.72 seemed fine as well as 9.0.73. But now
9.0.74 seems to have introduced it again (or something new). Here are the
relevant stack traces:

-

"thread name" #615 [2030] daemon prio=5 os_prio=0 cpu=667.09ms
elapsed=57804.86s tid=0x7fc189c87000 nid=2030 waiting on condition 
[0x7fc0bb57c000]
   java.lang.Thread.State: WAITING (parking)
at jdk.internal.misc.Unsafe.park(java.base@19.0.2/Native Method)
- parking to wait for  <0x000743e004f8> (a
java.util.concurrent.locks.ReentrantLock$NonfairSync)
at
java.util.concurrent.locks.LockSupport.park(java.base@19.0.2/LockSupport.java:221)
at
java.util.concurrent.locks.AbstractQueuedSynchronizer.acquire(java.base@19.0.2/AbstractQueuedSynchronizer.java:715)
at
java.util.concurrent.locks.AbstractQueuedSynchronizer.acquire(java.base@19.0.2/AbstractQueuedSynchronizer.java:938)
at
java.util.concurrent.locks.ReentrantLock$Sync.lock(java.base@19.0.2/ReentrantLock.java:153)
at
java.util.concurrent.locks.ReentrantLock.lock(java.base@19.0.2/ReentrantLock.java:322)
at org.apache.tomcat.websocket.WsSession.doClose(WsSession.java:654)
at org.apache.tomcat.websocket.WsSession.doClose(WsSession.java:636)
at org.apache.tomcat.websocket.WsSession.close(WsSession.java:624)
at
org.cometd.server.websocket.javax.WebSocketEndPoint$Delegate.close(WebSocketEndPoint.java:119)
at
org.cometd.server.websocket.common.AbstractWebSocketEndPoint.lambda$onMessage$0(AbstractWebSocketEndPoint.java:70)
at
org.cometd.server.websocket.common.AbstractWebSocketEndPoint$$Lambda$1929/0x0007c10e7078.accept(Unknown
Source)
at org.cometd.bayeux.Promise$2.fail(Promise.java:108)
at
org.cometd.server.websocket.common.AbstractWebSocketEndPoint$$Lambda$1953/0x0007c111c440.accept(Unknown
Source)
at org.cometd.bayeux.Promise$2.fail(Promise.java:108)
at
org.cometd.server.websocket.common.AbstractWebSocketEndPoint$Entry.fail(AbstractWebSocketEndPoint.java:645)
at
org.cometd.server.websocket.common.AbstractWebSocketEndPoint$Flusher.lambda$onCompleteFailure$0(AbstractWebSocketEndPoint.java:612)
at
org.cometd.server.websocket.common.AbstractWebSocketEndPoint$Flusher$$Lambda$2642/0x0007c13f9800.accept(Unknown
Source)
at java.util.ArrayList.forEach(java.base@19.0.2/ArrayList.java:1511)
at
org.cometd.server.websocket.common.AbstractWebSocketEndPoint$Flusher.onCompleteFailure(AbstractWebSocketEndPoint.java:612)
at
org.eclipse.jetty.util.IteratingCallback.failed(IteratingCallback.java:417)
at
org.cometd.server.websocket.javax.WebSocketEndPoint$Delegate.lambda$send$0(WebSocketEndPoint.java:106)
at
org.cometd.server.websocket.javax.WebSocketEndPoint$Delegate$$Lambda$1954/0x0007c111d438.onResult(Unknown
Source)
at
org.apache.tomcat.websocket.WsRemoteEndpointImplBase$TextMessageSendHandler.onResult(WsRemoteEndpointImplBase.java:846)
at
org.apache.tomcat.websocket.WsRemoteEndpointImplBase.endMessage(WsRemoteEndpointImplBase.java:442)
at
org.apache.tomcat.websocket.WsRemoteEndpointImplBase$EndMessageHandler.onResult(WsRemoteEndpointImplBase.java:563)
at
org.apache.tomcat.websocket.server.WsRemoteEndpointImplServer$OnResultRunnable.run(WsRemoteEndpointImplServer.java:395)
at
org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at
org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(java.base@19.0.2/Thread.java:1589)

   Locked ownable synchronizers:
- <0x0006cf2712d8> (a
org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker)

-

"other thread name" #713 [2702] daemon prio=5 os_prio=0 cpu=523.94ms
elapsed=53545.41s tid=0x7fc187e92000 nid=2702 waiting on condition 
[0x7fc0c107c000]
   java.lang.Thread.State: WAITING