[jira] [Updated] (WW-5339) Mitigate against custom class ASTMap node construction

2023-08-22 Thread Lukasz Lenart (Jira)
[ https://issues.apache.org/jira/browse/WW-5339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Lukasz Lenart updated WW-5339: -- Fix Version/s: 6.4.0 > Mitigate against custom class ASTMap node construction >

[jira] [Updated] (WW-5340) Introduce optional AST node exclusion list

2023-08-22 Thread Lukasz Lenart (Jira)
[ https://issues.apache.org/jira/browse/WW-5340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Lukasz Lenart updated WW-5340: -- Fix Version/s: 6.4.0 > Introduce optional AST node exclusion list >

[GitHub] [struts] dependabot[bot] commented on pull request #724: Bump ognl:ognl from 3.3.4 to 3.4.1

2023-08-22 Thread via GitHub
dependabot[bot] commented on PR #724: URL: https://github.com/apache/struts/pull/724#issuecomment-1688188401 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let

[GitHub] [struts] dependabot[bot] commented on pull request #719: Bump org.mortbay.jetty:jsp-2.1 from 6.1.26 to 7.0.0pre2

2023-08-22 Thread via GitHub
dependabot[bot] commented on PR #719: URL: https://github.com/apache/struts/pull/719#issuecomment-1688187715 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let

[jira] [Resolved] (WW-5336) Merge OgnlTool class into StrutsUtil class

2023-08-22 Thread Lukasz Lenart (Jira)
[ https://issues.apache.org/jira/browse/WW-5336?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Lukasz Lenart resolved WW-5336. --- Resolution: Fixed > Merge OgnlTool class into StrutsUtil class >

[jira] [Work logged] (WW-5336) Merge OgnlTool class into StrutsUtil class

2023-08-22 Thread ASF GitHub Bot (Jira)
[ https://issues.apache.org/jira/browse/WW-5336?focusedWorklogId=877513=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-877513 ] ASF GitHub Bot logged work on WW-5336: -- Author: ASF GitHub Bot

[jira] [Work logged] (WW-5336) Merge OgnlTool class into StrutsUtil class

2023-08-22 Thread ASF GitHub Bot (Jira)
[ https://issues.apache.org/jira/browse/WW-5336?focusedWorklogId=877496=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-877496 ] ASF GitHub Bot logged work on WW-5336: -- Author: ASF GitHub Bot

[jira] [Updated] (WW-5340) Introduce optional AST node exclusion list

2023-08-22 Thread Kusal Kithul-Godage (Jira)
[ https://issues.apache.org/jira/browse/WW-5340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kusal Kithul-Godage updated WW-5340: Description: Enhance security by implementing an optional exclusion list (in struts.xml)

[jira] [Updated] (WW-5339) Mitigate against custom class ASTMap node construction

2023-08-22 Thread Kusal Kithul-Godage (Jira)
[ https://issues.apache.org/jira/browse/WW-5339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kusal Kithul-Godage updated WW-5339: Description: i.e. @@{} syntax (was: i.e. {{@@{}}} syntax) > Mitigate against custom class

[jira] [Updated] (WW-5339) Mitigate against custom class ASTMap node construction

2023-08-22 Thread Kusal Kithul-Godage (Jira)
[ https://issues.apache.org/jira/browse/WW-5339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kusal Kithul-Godage updated WW-5339: Description: i.e. {{@@{}}} syntax > Mitigate against custom class ASTMap node construction >

[jira] [Created] (WW-5340) Introduce optional AST node exclusion list

2023-08-22 Thread Kusal Kithul-Godage (Jira)
Kusal Kithul-Godage created WW-5340: --- Summary: Introduce optional AST node exclusion list Key: WW-5340 URL: https://issues.apache.org/jira/browse/WW-5340 Project: Struts 2 Issue Type:

[jira] [Created] (WW-5339) Mitigate against custom class ASTMap node construction

2023-08-22 Thread Kusal Kithul-Godage (Jira)
Kusal Kithul-Godage created WW-5339: --- Summary: Mitigate against custom class ASTMap node construction Key: WW-5339 URL: https://issues.apache.org/jira/browse/WW-5339 Project: Struts 2

[jira] [Work logged] (WW-5336) Merge OgnlTool class into StrutsUtil class

2023-08-22 Thread ASF GitHub Bot (Jira)
[ https://issues.apache.org/jira/browse/WW-5336?focusedWorklogId=877425=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-877425 ] ASF GitHub Bot logged work on WW-5336: -- Author: ASF GitHub Bot

[jira] [Created] (WW-5338) Remove deprecated OgnlTool

2023-08-22 Thread Lukasz Lenart (Jira)
Lukasz Lenart created WW-5338: - Summary: Remove deprecated OgnlTool Key: WW-5338 URL: https://issues.apache.org/jira/browse/WW-5338 Project: Struts 2 Issue Type: Improvement

[jira] [Work logged] (WW-5336) Merge OgnlTool class into StrutsUtil class

2023-08-22 Thread ASF GitHub Bot (Jira)
[ https://issues.apache.org/jira/browse/WW-5336?focusedWorklogId=877403=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-877403 ] ASF GitHub Bot logged work on WW-5336: -- Author: ASF GitHub Bot

[GitHub] [struts] sonarcloud[bot] commented on pull request #735: WW-5336 Deprecate OgnlTool

2023-08-22 Thread via GitHub
sonarcloud[bot] commented on PR #735: URL: https://github.com/apache/struts/pull/735#issuecomment-1687561188 Kudos, SonarCloud Quality Gate passed! [![Quality Gate passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png 'Quality

[jira] [Work logged] (WW-5336) Merge OgnlTool class into StrutsUtil class

2023-08-22 Thread ASF GitHub Bot (Jira)
[ https://issues.apache.org/jira/browse/WW-5336?focusedWorklogId=877401=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-877401 ] ASF GitHub Bot logged work on WW-5336: -- Author: ASF GitHub Bot

[GitHub] [struts] kusalk commented on a diff in pull request #735: WW-5336 Deprecate OgnlTool

2023-08-22 Thread via GitHub
kusalk commented on code in PR #735: URL: https://github.com/apache/struts/pull/735#discussion_r1301076946 ## core/src/test/java/org/apache/struts2/util/StrutsUtilTest.java: ## @@ -145,28 +147,51 @@ public void testGetContextMethod() { } -public void

[jira] [Work logged] (WW-5336) Merge OgnlTool class into StrutsUtil class

2023-08-22 Thread ASF GitHub Bot (Jira)
[ https://issues.apache.org/jira/browse/WW-5336?focusedWorklogId=877400=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-877400 ] ASF GitHub Bot logged work on WW-5336: -- Author: ASF GitHub Bot

[GitHub] [struts] kusalk commented on a diff in pull request #735: WW-5336 Deprecate OgnlTool

2023-08-22 Thread via GitHub
kusalk commented on code in PR #735: URL: https://github.com/apache/struts/pull/735#discussion_r1301075562 ## core/src/main/resources/struts-beans.xml: ## @@ -198,7 +198,7 @@ - + Review Comment: Amended - I tend to favour the same line as sometimes comments

[GitHub] [struts] dependabot[bot] commented on pull request #722: Bump javax.servlet:javax.servlet-api from 3.0.1 to 3.1.0

2023-08-22 Thread via GitHub
dependabot[bot] commented on PR #722: URL: https://github.com/apache/struts/pull/722#issuecomment-1687530796 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let