Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

pkgin install clang-9.0.1 killed pkgin itself #241

Closed
yb66 opened this issue Feb 19, 2020 · 8 comments
Closed

pkgin install clang-9.0.1 killed pkgin itself #241

yb66 opened this issue Feb 19, 2020 · 8 comments
Assignees

Comments

@yb66
Copy link

yb66 commented Feb 19, 2020

Hi there,

pkgin install clang-9.0.1 led to:

$ pkgin help
dyld: Library not loaded: /opt/pkg/lib/libcrypto.1.0.0.dylib
  Referenced from: /opt/pkg/bin/pkgin
  Reason: image not found
[1]    1729 abort      pkgin help

It seems the first command updated libcrypto to v1.1 and pkgin was pointed at v1.0. It's fixed after a full reinstall, which was painful given I'd installed newer versions of curl and tar via pkgin too.

I think I've had this kind of thing happen once before. Is it not possible to lock versions of things that pkgin relies on, or perhaps it would be better to keep those things separate from the packages it manages?

Just a thought.

This was on a Mac, btw.

Regards,
iain

@jperkin
Copy link
Collaborator

jperkin commented Feb 19, 2020

There was a major OpenSSL 1.1.1 upgrade a few months ago, and unless all packages are upgraded at the same time to get past it then you can run into problems.

There was a bug in pkgin prior to this where a "pkgin install" would not consider all dependencies of a package, so in this case would not upgrade all packages affected by the OpenSSL upgrade. This has since been fixed, but you would not have been running the fixed version of pkgin.

I'll be producing a newer macOS bootstrap so that new users don't hit this, and while I think I've now covered all of the install-related fixes, it's still worth always performing a "pkgin upgrade" prior to any "pkgin install" to ensure you have all the latest packages.

Thanks, and sorry for the breakage, it's hopefully a one-time thing.

@jperkin jperkin closed this as completed Feb 19, 2020
@jperkin jperkin self-assigned this Feb 19, 2020
@yb66
Copy link
Author

yb66 commented Feb 19, 2020

@jperkin,

I see, that's fair enough. Thanks for taking the time with this, it's much appreciated.

Regards,
iain

@Pictor13
Copy link

@jperkin , do you have a recommended easy way to fix this?

Possibly without compromising the packages already installed with pkgin?

Or a full reinstall either of pkgin and all the packages is needed?
(and not sure I won't need to reinstall them all or they will be working)

@jperkin
Copy link
Collaborator

jperkin commented Feb 27, 2020 via email

@Pictor13
Copy link

Pictor13 commented Feb 27, 2020

Pardon me, I wasn't clear enough.
I'm talking about fixing pkgin itself, after getting the "Library not loaded: /opt/pkg/lib/libcrypto.1.0.0.dylib" error, because of upgrading openssl already, without being previously aware of the effects on the package manager.
I can't run any pkgin <command>.

@jperkin
Copy link
Collaborator

jperkin commented Feb 27, 2020

Ah ok. You should be able to get past this by running pkg_add -U pkgin openssl libarchive, then pkgin should work again for you to run pkgin full-upgrade to update everything else.

@Pictor13
Copy link

Oh, I was trying just openssl without libarchive; it's restored now, thank you!! =)

@jperkin
Copy link
Collaborator

jperkin commented Feb 28, 2020

Yeh the error can be a little confusing as the libcrypto.1.0.0.dylib library dependency is coming from libarchive indirectly rather than from pkgin directly.

jperkin pushed a commit that referenced this issue Mar 7, 2020
ChangeLog:

v5.6.2

Bug fixes:

    #271 fixes a corner-case bug with more than 100 CSV/TSV files with
    headers of varying lengths.

Documentation:

    The new http://johnkerl.org/miller/doc/whyc-details.html is an
    elaboration on http://johnkerl.org/miller/doc/whyc.html which answers
    a question posed by @BurntSushi on Reddit a couple years ago which
    I did not address in detail at the time.

v5.6.1

    The only change is that http://johnkerl.org/miller/doc is now
    more mobile-friendly.  All build artifacts are the same as at
    https://github.com/johnkerl/miller/releases/tag/v5.6.0

v5.6.0

    The new system DSL function allows you to run arbitrary shell commands
    and store them in field values. Some example usages are documented
    here. This is in response to issues #246 and #209.

    There is now support for ASV and USV file formats. This is in response
    to issue #245.

    The new format-values verb allows you to apply numerical formatting
    across all record values. This is in response to issue #252.

Documentation:

    The new DKVP I/O in Python sample code now works for Python 2 as
    well as Python 3.

    There is a new cookbook entry on doing multiple joins. This is in
    response to issue #235.

Bugfixes:

    The toupper, tolower, and capitalize DSL functions
    are now UTF-8 aware, thanks to @sheredom's marvelous
    https://github.com/sheredom/utf8.h. The internationalization page
    has also been expanded. This is in response to issue #254.

    #250 fixes a bug using in-place mode in conjunction with verbs
    (such as rename or sort) which take field-name lists as arguments.

    #253 fixes a bug in the label when one or more names are common
    between old and new.

    #251 fixes a corner-case bug when (a) input is CSV; (b) the last
    field ends with a comma and no newline; (c) input is from standard
    input and/or --no-mmap is supplied.

v5.5.0

    The new positional-indexing feature resolves #236 from @aborruso. You
    can now get the name of the 3rd field of each record via $[[3]], and
    its value by $[[[3]]]. These are both usable on either the left-hand
    or right-hand side of assignment statements, so you can more easily
    do things like renaming fields progrmatically within the DSL.

    There is a new capitalize DSL function, complementing the
    already-existing toupper. This stems from #236.

    There is a new skip-trivial-records verb, resolving #197. Similarly,
    there is a new remove-empty-columns verb, resolving #206. Both are
    useful for data-cleaning use-cases.

    Another pair is #181 and #256. While Miller uses mmap internally
    (and invisibily) to get approximately a 20% performance boost over
    not using it, this can cause out-of-memory issues with reading either
    large files, or too many small ones. Now, Miller automatically avoids
    mmap in these cases. You can still use --mmap or --no-mmap if you
    want manual control of this.

    There is a new --ivar option for the nest verb which complements
    the already-existing --evar. This is from #260 thanks to @jgreely.

    There is a new keystroke-saving urandrange DSL function:
    urandrange(low, high) is the same as low + (high - low) *
    urand(). This arose from #243.

    There is a new -v option for the cat verb which writes a low-level
    record-structure dump to standard error.

    There is a new -N option for mlr which is a keystroke-saver for
    --implicit-csv-header --headerless-csv-output.

Documentation:

    The new FAQ entry
    http://johnkerl.org/miller/doc/faq.html#How_to_escape_'%3F'_in_regexes%3F
    resolves #203.

    The new FAQ entry
    http://johnkerl.org/miller/doc/faq.html#How_can_I_filter_by_date%3F
    resolves #208.

    #244 fixes a documentation issue while highlighting the need for #241.

Bugfixes:

    There was a SEGV using nest within then-chains, fixed in response
    to #220.

    Quotes and backslashes weren't being escaped in JSON output with
    --jvquoteall; reported on #222.

v5.4.0

    The new clean-whitespace verb resolves #190 from @aborruso. Along with
    the new functions strip, lstrip, rstrip, collapse_whitespace, and
    clean_whitespace, there is now both coarse-grained and fine-grained
    control over whitespace within field names and/or values. See the
    linked-to documentation for examples.

    The new altkv verb resolves #184 which was originally opened via an
    email request. This supports mapping value-lists such as a,b,c,d to
    alternating key-value pairs such as a=b,c=d.

    The new fill-down verb resolves #189 by @aborruso. See the linked-to
    documentation for examples.

    The uniq verb now has a uniq -a which resolves #168 from @sjackman.

    The new regextract and regextract_or_else functions resolve #183
    by @aborruso.

    The new ssub function arises from #171 by @dohse, as a simplified way
    to avoid escaping characters which are special to regular-expression
    parsers.

    There are new localtime functions in response to #170 by
    @sitaramc. However note that as discussed on #170 these do
    not undo one another in all circumstances. This is a non-issue
    for timezones which do not do DST. Otherwise, please use with
    disclaimers: localdate, localtime2sec, sec2localdate, sec2localtime,
    strftime_local, and strptime_local.

Builds:

    Windows build-artifacts are now available in Appveyor at
    https://ci.appveyor.com/project/johnkerl/miller/build/artifacts,
    and will be attached to this and future releases. This resolves #167,
    #148, and #109.

    Travis builds at https://travis-ci.org/johnkerl/miller/builds now
    run on OSX as well as Linux.

    An Ubuntu 17 build issue was fixed by @singalen on #164.

Documentation:

    put/filter documentation was confusing as reported by @NikosAlexandris
    on #169.

    The new FAQ entry
    http://johnkerl.org/miller-releases/miller-head/doc/faq.html#How_to_rectangularize_after_joins_with_unpaired?
    resolves #193 by @aborruso.

    The new cookbook entry
    http://johnkerl.org/miller/doc/cookbook.html#Options_for_dealing_with_duplicate_rows
    arises from #168 from @sjackman.

    The unsparsify documentation had some words missing as reported by
    @tst2005 on #194.

    There was a typo in the cookpage page
    http://johnkerl.org/miller/doc/cookbook.html#Full_field_renames_and_reassigns
    as fixed by @tst2005 in #192.

Bugfixes:

    There was a memory leak for TSV-format files only as reported by
    @treynr on #181.

    Dollar sign in regular expressions were not being escaped properly
    as reported by @dohse on #171.

v5.3.0

    Comment strings in data files: mlr --skip-comments allows
    you to filter out input lines starting with #, for all file
    formats. Likewise, mlr --skip-comments-with X lets you specify
    the comment-string X. Comments are only supported at start of data
    line. mlr --pass-comments and mlr --pass-comments-with X allow you
    to forward comments to program output as they are read.

    The count-similar verb lets you compute cluster sizes by cluster
    labels.

    While Miller DSL arithmetic gracefully overflows from 64-integer
    to double-precision float (see also here), there are now the
    integer-preserving arithmetic operators .+ .- .* ./ .// for those
    times when you want integer overflow.

    There is a new bitcount function: for example, echo x=0xf0000206 |
    mlr put '$y=bitcount($x)' produces x=0xf0000206,y=7.

    Issue 158: mlr -T is an alias for --nidx --fs tab, and mlr -t is an
    alias for mlr --tsvlite.

    The mathematical constants π and e have been renamed from PI and
    E to M_PI and M_E, respectively. (It's annoying to get a syntax
    error when you try to define a variable named E in the DSL, when
    A through D work just fine.) This is a backward incompatibility,
    but not enough of us to justify calling this release Miller 6.0.0.

Documentation:

    As noted here, while Miller has its own DSL there will always be
    things better expressible in a general-purpose language. The new page
    Sharing data with other languages shows how to seamlessly share data
    back and forth between Miller, Ruby, and Python. SQL-input examples
    and SQL-output examples contain detailed information the interplay
    between Miller and SQL.

    Issue 150 raised a question about suppressing numeric conversion. This
    resulted in a new FAQ entry How do I suppress numeric conversion?,
    as well as the longer-term follow-on issue 151 which will make
    numeric conversion happen on a just-in-time basis.

    To my surprise, csvlite format options weren’t listed in mlr --help
    or the manpage. This has been fixed.

    Documentation for auxiliary commands has been expanded, including
    within the manpage.

Bugfixes:

    Issue 159 fixes regex-match of literal dot.

    Issue 160 fixes out-of-memory cases for huge files. This is an old
    bug, as old as Miller, and is due to inadequate testing of huge-file
    cases. The problem is simple: Miller prefers memory-mapped I/O
    (using mmap) over stdio since mmap is fractionally faster. Yet as
    any processing (even mlr cat) steps through an input file, more and
    more pages are faulted in -- and, unfortunately, previous pages are
    not paged out once memory pressure increases. (This despite gallant
    attempts with madvise.) Once all processing is done, the memory is
    released; there is no leak per se. But the Miller process can crash
    before the entire file is read. The solution is equally simple: to
    prefer stdio over mmap for files over 4GB in size. (This 4GB threshold
    is tunable via the --mmap-below flag as described in the manpage.)

    Issue 161 fixes a CSV-parse error (with error message "unwrapped
    double quote at line 0") when a CSV file starts with the UTF-8
    byte-order-mark ("BOM") sequence 0xef 0xbb 0xbf and the header line
    has double-quoted fields. (Release 5.2.0 introduced handling for
    UTF-8 BOMs, but missed the case of double-quoted header line.)

    Issue 162 fixes a corner case doing multi-emit of aggregate variables
    when the first variable name is a typo.

    The Miller JSON parser used to error with Unable to parse JSON data:
    Line 1 column 0: Unexpected 0x00 when seeking value on empty input,
    or input with trailing whitespace; this has been fixed.
jperkin pushed a commit that referenced this issue Mar 17, 2020
# v0.19.4

## Bugfix

- slack: fix regression with slack library (#264)
- slack: fix an unexpected panic (#263)


# v0.19.3

## Enhancement

* general: Add UPDATELASTVIEWED command, and make DisableAutoView work consistently (#255)
* slack: Handle message edits and deletion (#260)
* slack: Add handling of reactions, stars and pins (#229)

## Bugfix

* mattermost: Fix a panic #247
* mattermost: Fixes incorrect users because of paging. #244
* mattermost: Fix outdated channel issue
* mattermost: Add paging so we can see > 200 users in a channel #248
* mattermost: Fix expired session panic #259
* general: Fix datarace #246
* general: Fix empty JoinInclude
* general: Fix panic #257

This release couldn't exist without the following contributors:
@Aketzu, @bucko909, @42wim

# v0.19.2
## Enhancement
* general: Add a default value matterirc.toml for the '-conf' flag (#240)
* slack: library updated
* mattermost: library updated
* mattermost: Add support for channel created/deleted events

## Bugfix
* mattermost: Remove ourselves from the channel when removed in mattermost. Fixes #233
* mattermost: Add/remove ourselves to the channel if we join using the GUI. #239
* mattermost: Update topics in mattermost. Closes #241
* mattermost: Fix pastes and attachments in direct message. Closes #228
* mattermost: Update channels if not known on join yet

# v0.19.1
## New features
* mattermost: Added support for disabling of automatic view flag updates (#226). See DisableAutoView in matterircd.toml.example
* slack: Add message showing enhancements and add slackbot to all channels (#230)

## Bugfix
* general: Fix tight loop (100% CPU). Closes #231

# v0.19.0
## New features
* irc: Add support for spoofing query messages. #195
	* You can now see your own messages you've typed on slack/mattermost web in irc
* irc: Add PasteBufferTimeout option (send ascii-art!)
   	* See matterircd.toml.example for an example.
   	* PasteBufferTimeout specifies the amount of time in milliseconds that messages get kept in matterircd internal buffer before being sent to
   	 mattermost or slack.  Messages that will be received in this time will be concatenated together
   	 So this can be used to paste stuff like ascii-art or code.
   	 Default 0 (is disabled)
   	 Depending on how fast you type 2500 is a good number

## Bugfix
* slack: Correctly handle different nick and username #203
* slack: Ignore channel join messages #198
jperkin pushed a commit that referenced this issue Aug 25, 2020
Vala 0.48.8
===========
 * Various improvements and bug fixes:
  - codegen:
    + Handle "gtk_param_spec_expression" in get_param_spec()
    + Properly compare string if binary-expression contains string-literal
    + Inline allocated and constant arrays are never NULL
    + Check param for null before using it
    + Properly destroy elements of an inline struct array [#365]
  - vala:
    + Avoid subsequent critical caused by invalid array type for constant
    + Improve error handling of nested initializer lists
    + Don't allow "resize" invocation on variable with unowned array type [#928]
    + Property must be writable when invoking ReturnsModifiedPointer method [#1023]
    + Recursive check of assignment target to recognize constants [#944]
    + Return copy of constant type in get_value_type_for_symbol()
    + Handle parameter initializer without value-type
    + Fully qualify member-access when using-directive was used to resolve [#57]
    + Tranform instance member-access to a static one if possible [#270]
    + Improve check of expression passed to yield
    + Allow prototype access to signal with emitter
    + Check error-type accessibility of creation methods and delegates
  - girparser: Warn about conflicting signals and properties
  - girparser: Skip 'docsection' elements in <namespace>
  - girwriter:
    + Add c:identifier-prefixes to <namespace>
    + Write c:type="void" when name="none"
    + Write c:symbol-prefix on supported elements
    + Don't include symbols outside of a namespace [#241]
    + Use appropriate get_ccode_* functions
  - libvaladoc: Support exporting the `class` modifier on methods and fields
  - Disable deprecation warnings when checking bindings
  - tests: Fix "methods/extern" test with -Werror=address and gcc 5.4.0

 * Bindings:
   - glib-2.0: Add AtomicUint, an alternation of AtomicInt for uint [#915]
   - gstreamer: Update from 1.17.2+ git master
   - gtk+-3.0: Update to 3.24.21+ffe2df7b
   - gtk+-3.0: Resolve conflicts of signals with properties
   - gtk4: Resolve conflict of DropTarget.drop signal with property [#1033]
   - gtk4: Improve Gtk.ParamSpecExpression binding
   - gtk4: Fix binding of CClosureExpression ctor [#1024]
   - gtk4,gtk4-unix-print: Update to 3.98.5+23dcf36e
   - webkit2gtk-4.0: Update to 2.29.4
jperkin pushed a commit that referenced this issue Sep 9, 2020
4.50 2019-06-22

    [ ENHANCEMENT ]
    - Add APPEND_QUERY_STRING option (GH #243, thanks to stevenh)

4.49 2020-06-08

    [ FIX ]
    - remove deprecation warning as no longer in core (GH #221)

4.48 2020-06-02

    [ FIX ]
    - fix CGI::Cookie->bake() doesn't work with mod_perl redirects (GH #240)
    - thanks to sherrardb for the PR (GH #241)
jperkin pushed a commit that referenced this issue Sep 16, 2020
Update ruby-nio4r package to 2.5.3.


2.5.3 (2020-09-07)

* #241 Possible bug with Ruby >= 2.7.0 and GC.compact. (@boazsegev)
jperkin pushed a commit that referenced this issue Sep 21, 2020
2.0.3 (2020-08-22)
~~~~~~~~~~~~~~~~~~

- Fix issues when building re2c as a CMake subproject
  (`#302 <https://github.com/skvadrik/re2c/pull/302>`_:

- Final corrections in the SIMPA article "RE2C: A lexer generator based on
  lookahead-TDFA", https://doi.org/10.1016/j.simpa.2020.100027

2.0.2 (2020-08-08)
~~~~~~~~~~~~~~~~~~

- Enable re2go building by default.

- Package CMake files into release tarball.

2.0.1 (2020-07-29)
~~~~~~~~~~~~~~~~~~

- Updated version for CMake build system (forgotten in release 2.0).

- Added a short article about re2c for the Software Impacts journal.

2.0 (2020-07-20)
~~~~~~~~~~~~~~~~

- Added new code generation backend for Go and a new ``re2go`` program
  (`#272 <https://github.com/skvadrik/re2c/issues/272>`_: Go support).
  Added option ``--lang <c | go>``.

- Added CMake build system as an alternative to Autotools
  (`#275 <https://github.com/skvadrik/re2c/pull/275>`_:
  Add a CMake build system (thanks to ligfx),
  `#244 <https://github.com/skvadrik/re2c/issues/244>`_: Switching to CMake).

- Changes in generic API:

  + Removed primitives ``YYSTAGPD`` and ``YYMTAGPD``.
  + Added primitives ``YYSHIFT``, ``YYSHIFTSTAG``, ``YYSHIFTMTAG``
    that allow to express fixed tags in terms of generic API.
  + Added configurations ``re2c:api:style`` and ``re2c:api:sigil``.
  + Added named placeholders in interpolated configuration strings.

- Changes in reuse mode (``-r, --reuse`` option):

  + Do not reset API-related configurations in each `use:re2c` block
    (`#291 <https://github.com/skvadrik/re2c/issues/291>`_:
    Defines in rules block are not propagated to use blocks).
  + Use block-local options instead of last block options.
  + Do not accumulate options from rules/reuse blocks in whole-program options.
  + Generate non-overlapping YYFILL labels for reuse blocks.
  + Generate start label for each reuse block in storable state mode.

- Changes in start-conditions mode (``-c, --start-conditions`` option):

  + Allow to use normal (non-conditional) blocks in `-c` mode
    (`#263 <https://github.com/skvadrik/re2c/issues/263>`_:
    allow mixing conditional and non-conditional blocks with -c,
    `#296 <https://github.com/skvadrik/re2c/issues/296>`_:
    Conditions required for all lexers when using '-c' option).
  + Generate condition switch in every re2c block
    (`#295 <https://github.com/skvadrik/re2c/issues/295>`_:
    Condition switch generated for only one lexer per file).

- Changes in the generated labels:

  + Use ``yyeof`` label prefix instead of ``yyeofrule``.
  + Use ``yyfill`` label prefix instead of ``yyFillLabel``.
  + Decouple start label and initial label (affects label numbering).

- Removed undocumented configuration ``re2c:flags:o``, ``re2c:flags:output``.

- Changes in ``re2c:flags:t``, ``re2c:flags:type-header`` configuration:
  filename is now relative to the output file directory.

- Added option ``--case-ranges`` and configuration ``re2c:flags:case-ranges``.

- Extended fixed tags optimization for the case of fixed-counter repetition.

- Fixed bugs related to EOF rule:

  + `#276 <https://github.com/skvadrik/re2c/issues/276>`_:
    Example 01_fill.re in docs is broken
  + `#280 <https://github.com/skvadrik/re2c/issues/280>`_:
    EOF rules with multiple blocks
  + `#284 <https://github.com/skvadrik/re2c/issues/284>`_:
    mismatched YYBACKUP and YYRESTORE
    (Add missing fallback states with EOF rule)

- Fixed miscellaneous bugs:

  + `#286 <https://github.com/skvadrik/re2c/issues/286>`_:
    Incorrect submatch values with fixed-length trailing context.
  + `#297 <https://github.com/skvadrik/re2c/issues/297>`_:
    configure error on ubuntu 18.04 / cmake 3.10

- Changed bootstrap process (require explicit configuration flags and a path to
  re2c executable to regenerate the lexers).

- Added internal options ``--posix-prectable <naive | complex>``.

- Added debug option ``--dump-dfa-tree``.

- Major revision of the paper "Efficient POSIX submatch extraction on NFA".

----
1.3x
----

1.3 (2019-12-14)
~~~~~~~~~~~~~~~~

- Added option: ``--stadfa``.

- Added warning: ``-Wsentinel-in-midrule``.

- Added generic API primitives:

  + ``YYSTAGPD``
  + ``YYMTAGPD``

- Added configurations:

  + ``re2c:sentinel = 0;``
  + ``re2c:define:YYSTAGPD = "YYSTAGPD";``
  + ``re2c:define:YYMTAGPD = "YYMTAGPD";``

- Worked on reproducible builds
  (`#258 <https://github.com/skvadrik/re2c/pull/258>`_:
  Make the build reproducible).

----
1.2x
----

1.2.1 (2019-08-11)
~~~~~~~~~~~~~~~~~~

- Fixed bug `#253 <https://github.com/skvadrik/re2c/issues/253>`_:
  re2c should install unicode_categories.re somewhere.

- Fixed bug `#254 <https://github.com/skvadrik/re2c/issues/254>`_:
  Turn off re2c:eof = 0.

1.2 (2019-08-02)
~~~~~~~~~~~~~~~~

- Added EOF rule ``$`` and configuration ``re2c:eof``.

- Added ``/*!include:re2c ... */`` directive and ``-I`` option.

- Added ``/*!header:re2c:on*/`` and ``/*!header:re2c:off*/`` directives.

- Added ``--input-encoding <ascii | utf8>`` option.

  + `#237 <https://github.com/skvadrik/re2c/issues/237>`_:
    Handle non-ASCII encoded characters in regular expressions
  + `#250 <https://github.com/skvadrik/re2c/issues/250>`_
    UTF8 enoding

- Added include file with a list of definitions for Unicode character classes.

  + `#235 <https://github.com/skvadrik/re2c/issues/235>`_:
    Unicode character classes

- Added ``--location-format <gnu | msvc>`` option.

  + `#195 <https://github.com/skvadrik/re2c/issues/195>`_:
    Please consider using Gnu format for error messages

- Added ``--verbose`` option that prints "success" message if re2c exits
  without errors.

- Added configurations for options:

  + ``-o --output`` (specify output file)
  + ``-t --type-header`` (specify header file)

- Removed configurations for internal/debug options.

- Extended ``-r`` option: allow to mix multiple ``/*!rules:re2c*/``,
  ``/*!use:re2c*/`` and ``/*!re2c*/`` blocks.

  + `#55 <https://github.com/skvadrik/re2c/issues/55>`_:
    allow standard re2c blocks in reuse mode

- Fixed ``-F --flex-support`` option: parsing and operator precedence.

  + `#229 <https://github.com/skvadrik/re2c/issues/229>`_:
    re2c option -F (flex syntax) broken
  + `#242 <https://github.com/skvadrik/re2c/issues/242>`_:
    Operator precedence with --flex-syntax is broken

- Changed difference operator ``/`` to apply before encoding expansion of
  operands.

  + `#236 <https://github.com/skvadrik/re2c/issues/236>`_:
    Support range difference with variable-length encodings

- Changed output generation of output file to be atomic.

  + `#245 <https://github.com/skvadrik/re2c/issues/245>`_:
    re2c output is not atomic

- Authored research paper "Efficient POSIX Submatch Extraction on NFA"
  together with Dr Angelo Borsotti.

- Added experimental libre2c library (``--enable-libs`` configure option) with
  the following algorithms:

  + TDFA with leftmost-greedy disambiguation
  + TDFA with POSIX disambiguation (Okui-Suzuki algorithm)
  + TNFA with leftmost-greedy disambiguation
  + TNFA with POSIX disambiguation (Okui-Suzuki algorithm)
  + TNFA with lazy POSIX disambiguation (Okui-Suzuki algorithm)
  + TNFA with POSIX disambiguation (Kuklewicz algorithm)
  + TNFA with POSIX disambiguation (Cox algorithm)

- Added debug subsystem (``--enable-debug`` configure option) and new debug
  options:

  + ``-dump-cfg`` (dump control flow graph of tag variables)
  + ``-dump-interf`` (dump interference table of tag variables)
  + ``-dump-closure-stats`` (dump epsilon-closure statistics)

- Added internal options:

  + ``--posix-closure <gor1 | gtop>`` (switch between shortest-path algorithms
    used for the construction of POSIX closure)

- Fixed a number of crashes found by American Fuzzy Lop fuzzer:

  + `#226 <https://github.com/skvadrik/re2c/issues/226>`_,
    `#227 <https://github.com/skvadrik/re2c/issues/227>`_,
    `#228 <https://github.com/skvadrik/re2c/issues/228>`_,
    `#231 <https://github.com/skvadrik/re2c/issues/231>`_,
    `#232 <https://github.com/skvadrik/re2c/issues/232>`_,
    `#233 <https://github.com/skvadrik/re2c/issues/233>`_,
    `#234 <https://github.com/skvadrik/re2c/issues/234>`_,
    `#238 <https://github.com/skvadrik/re2c/issues/238>`_

- Fixed handling of newlines:

  + correctly parse multi-character newlines CR LF in ``#line`` directives
  + consistently convert all newlines in the generated file to Unix-style LF

- Changed default tarball format from .gz to .xz.

  + `#221 <https://github.com/skvadrik/re2c/issues/221>`_:
    big source tarball

- Fixed a number of other bugs and resolved issues:

  + `#2 <https://github.com/skvadrik/re2c/issues/2>`_: abort
  + `#6 <https://github.com/skvadrik/re2c/issues/6>`_: segfault
  + `#10 <https://github.com/skvadrik/re2c/issues/10>`_:
    lessons/002_upn_calculator/calc_002 doesn't produce a useful example program
  + `#44 <https://github.com/skvadrik/re2c/issues/44>`_:
    Access violation when translating the attached file
  + `#49 <https://github.com/skvadrik/re2c/issues/49>`_:
    wildcard state \000 rules makes lexer behave weard
  + `#98 <https://github.com/skvadrik/re2c/issues/98>`_:
    Transparent handling of #line directives in input files
  + `#104 <https://github.com/skvadrik/re2c/issues/104>`_:
    Improve const-correctness
  + `#105 <https://github.com/skvadrik/re2c/issues/105>`_:
    Conversion of pointer parameters into references
  + `#114 <https://github.com/skvadrik/re2c/issues/114>`_:
    Possibility of fixing bug 2535084
  + `#120 <https://github.com/skvadrik/re2c/issues/120>`_:
    condition consisting of default rule only is ignored
  + `#167 <https://github.com/skvadrik/re2c/issues/167>`_:
    Add word boundary support
  + `#168 <https://github.com/skvadrik/re2c/issues/168>`_:
    Wikipedia's article on re2c
  + `#180 <https://github.com/skvadrik/re2c/issues/180>`_:
    Comment syntax?
  + `#182 <https://github.com/skvadrik/re2c/issues/182>`_:
    yych being set by YYPEEK () and then not used
  + `#196 <https://github.com/skvadrik/re2c/issues/196>`_:
    Implicit type conversion warnings
  + `#198 <https://github.com/skvadrik/re2c/issues/198>`_:
    no match for ‘operator!=’ in ‘i != std::vector<_Tp, _Alloc>::rend() [with _Tp = re2c::bitmap_t, _Alloc = std::allocator<re2c::bitmap_t>]()’
  + `#210 <https://github.com/skvadrik/re2c/issues/210>`_:
    How to build re2c in windows?
  + `#215 <https://github.com/skvadrik/re2c/issues/215>`_:
    A memory read overrun issue in s_to_n32_unsafe.cc
  + `#220 <https://github.com/skvadrik/re2c/issues/220>`_:
    src/dfa/dfa.h: simplify constructor to avoid g++-3.4 bug
  + `#223 <https://github.com/skvadrik/re2c/issues/223>`_:
    Fix typo
  + `#224 <https://github.com/skvadrik/re2c/issues/224>`_:
    src/dfa/closure_posix.cc: pack() tweaks
  + `#225 <https://github.com/skvadrik/re2c/issues/225>`_:
    Documentation link is broken in libre2c/README
  + `#230 <https://github.com/skvadrik/re2c/issues/230>`_:
    Changes for upcoming Travis' infra migration
  + `#239 <https://github.com/skvadrik/re2c/issues/239>`_:
    Push model example has wrong re2c invocation, breaks guide
  + `#241 <https://github.com/skvadrik/re2c/issues/241>`_:
    Guidance on how to use re2c for full-duplex command & response protocol
  + `#243 <https://github.com/skvadrik/re2c/issues/243>`_:
    A code generated for period (.) requires 4 bytes
  + `#246 <https://github.com/skvadrik/re2c/issues/246>`_:
    Please add a license to this repo
  + `#247 <https://github.com/skvadrik/re2c/issues/247>`_:
    Build failure on current Cygwin, probably caused by force-fed c++98 mode
  + `#248 <https://github.com/skvadrik/re2c/issues/248>`_:
    distcheck still looks for README
  + `#251 <https://github.com/skvadrik/re2c/issues/251>`_:
    Including what you use is find, but not without inclusion guards

- Updated documentation and website.
jperkin pushed a commit that referenced this issue Nov 24, 2020
This release addresses the following:

    New Features:
        Add support for infostore in EnvIsSet Test case #240 (ThomasAdam)
        Add variable/parameter which indicates the state of the FVWM3 logging #239 (NsCDE)
        Support for setting default mouse cursor on all FvwmScript widgets #222 (NsCDE)
        Add support for triangle indicator in/out sub options #221 (NsCDE)
        Add WindowName option to FvwmButtons #219 (NsCDE)

    Build problems:
        compilation fails on openbsd-current due to safemalloc.h (va_list) #231
        "version of go" misinterpreted by configure script? #202
        Unable to build 1.0, bson.h not found [FreeBSD 12.1] #200

    Bug-fixes:
        _NET_WM_STATE was not updated for maximized windows #203
        EwmhBaseStruts calculations don't use monitor's #241
        DesktopConfiguration global inherits behaviour from per-monitor mode #236
        FvwmEvent: missing monitor\_focus event #228
        perllib: doesn't understand MX_MONITOR_* events #226
        FvwmButtons subpanels not popped out on primary monitor when desk is > 0 #224
        PositionPlacement Center: fix to use current screen #211
        EwmhBaseStruts missing screen info from manpage #208
        EwmhBaseStrut: fix calculations for per-monitor #242 (ThomasAdam)
        Fix window locations in Global mode #237 (ThomasAdam)
jperkin pushed a commit that referenced this issue Feb 23, 2021
Changelog:
## [1.7.2](rime/librime@1.7.1...1.7.2) (2021-02-07)


### Bug Fixes

* **chord_composer:** should clear raw input after committing text ([79b34ab](rime/librime@79b34ab))



## [1.7.1](rime/librime@1.7.0...1.7.1) (2021-02-06)


### Bug Fixes

* **chord_composer:** press Return key to commit raw key sequence ([2b25861](rime/librime@2b25861))



# [1.7.0](rime/librime@1.6.1...1.7.0) (2021-01-17)


### Bug Fixes

* **chord_composer:** more safely handle the placeholder ZWSP ([025d9fb](rime/librime@025d9fb))
* **cmake:** use full paths defined by GNUInstallDirs ([bb8c263](rime/librime@bb8c263)), closes [#424](rime/librime#424)
* **opencc:** update submodule to fix [#425](rime/librime#425) ([3fa1571](rime/librime@3fa1571))
* **script_translator:** always_show_comments also applies to phrases ([440a97c](rime/librime@440a97c)), closes [#272](rime/librime#272) [#419](rime/librime#419)
* **table_translator:** index out of bound access in string ([ff7acdc](rime/librime@ff7acdc))


### Features

* **chareset_filter:** add CJK Compatibility Ideographs in is_extended_cjk() ([3cb1128](rime/librime@3cb1128)), closes [#305](rime/librime#305)
* **setup:** find and load external RIME plugins as shared libs [#431](rime/librime#431) ([b2abd09](rime/librime@b2abd09))



## [1.6.1](rime/librime@1.6.0...1.6.1) (2020-09-21)


### Bug Fixes

* **rime_api.cc:** dangling pointer returned from RimeGetSharedDataDir ([78abaa8](rime/librime@78abaa8))



# [1.6.0](rime/librime@1.5.3...1.6.0) (2020-09-20)


### Bug Fixes

* **ascii_composer:** do not comsume Shift key release ([debc2c0](rime/librime@debc2c0))
* **ascii_composer:** first read ascii_composer/good_old_caps_lock from schema config ([3fc56c4](rime/librime@3fc56c4))
* **chord_composer:** commit raw input with uppercase letters ([cc983d5](rime/librime@cc983d5))
* **CMakeLists.txt:** ensure paths in pkgconfig file are absolute ([0e96e51](rime/librime@0e96e51))
* **CMakeLists.txt:** would not use signals v1 due to a typo ([6662a28](rime/librime@6662a28)), closes [#225](rime/librime#225)
* **custom_settings:** accept "*.schema" as config id ([604da0b](rime/librime@604da0b))
* **dict:** issues with user db recovery ([0f3d0df](rime/librime@0f3d0df))
* **dict_compiler:** build prism with loaded syllabary when not rebuilding primary table ([93fe827](rime/librime@93fe827))
* **plugins/CMakeLists.txt:** avoid rime_library linking to itself via rime_plugins_deps ([fe744db](rime/librime@fe744db))
* **rime_api.cc:** check struct has member of non-pointer type ([090dfa4](rime/librime@090dfa4))
* **rime_api.cc:** using unchecked fields introduced an ABI breakage ([62bbead](rime/librime@62bbead)), closes [/github.com/rime/librime/pull/328#pullrequestreview-335125464](https://github.com//github.com/rime/librime/pull/328/issues/pullrequestreview-335125464)
* **rime_test:** set data directories to working directory using rime::SetupDeployer API ([7c08a90](rime/librime@7c08a90))
* **simplifier:** opencc::DictEntry::Values() type change in opencc 1.1.0 ([beae5b1](rime/librime@beae5b1)), closes [#367](rime/librime#367)
* **user_db:** pointer cast error caused by multiple inheritance ([2ed780b](rime/librime@2ed780b))
* use official emoji 12.0 data ([#304](rime/librime#304)) ([75a60dc](rime/librime@75a60dc))


### Features

* **api:** implement capnproto api ([873f648](rime/librime@873f648))
* **api:** include candidate labels in proto message ([aae7a0c](rime/librime@aae7a0c))
* **charset_filter:** support charset options with emoji ([#293](rime/librime#293)) ([943c95b](rime/librime@943c95b))
* **charset_filter:** support CJK Unified Ideographs Extension G ([#393](rime/librime#393)) ([0a1573d](rime/librime@0a1573d))
* **chord_composer:** support chording with Shift keys ([94cf479](rime/librime@94cf479))
* **chord_composer:** use Control, Alt, Shift to input chord ([f3a2ad0](rime/librime@f3a2ad0))
* **dictionary:** packs extends the dictionary with extra binary table files ([930074c](rime/librime@930074c))
* **key_binder:** bind key to a key sequence ([3b5dbf6](rime/librime@3b5dbf6)), closes [#301](rime/librime#301)
* **logging:** setup min log level, log dir and set file mode to log files ([90839b0](rime/librime@90839b0))
* **selector:** support 4 combinations of horizontal/vertical text orientation and stacked/linear candidate list layout ([c498f71](rime/librime@c498f71))
* **selector:** support vertical UI ([dbb35c6](rime/librime@dbb35c6))
* **switcher:** enable schema in cases where conditions are met ([217c72b](rime/librime@217c72b))
* **tools/rime_proto_console:** demo for proto api ([d88ef9f](rime/librime@d88ef9f))


### Performance Improvements

* **poet:** optimize for performance in making sentences (~40% faster) ([0853465](rime/librime@0853465))



## [1.5.3](rime/librime@1.5.2...1.5.3) (2019-06-22)


### Bug Fixes

* **cmake, xcode.mk:** find optional dependency icu, while building xcode/release-with-icu target  [skip appveyor] ([17a80f8](rime/librime@17a80f8))
* **single_char_filter:** broken in librime 1.5.2 ([6948a62](rime/librime@6948a62))


### Features

* **appveyor:** build variant "rime-with-plugins" for tagged commits  [skip travis] ([eef8c30](rime/librime@eef8c30))
* **travis-ci:** build variant "rime-with-plugins" for tagged commits  [skip appveyor] ([cf11c27](rime/librime@cf11c27))
* **travis-ci:** deploy artifacts for macOS to GitHub releases  [skip appveyor] ([3f03784](rime/librime@3f03784))



## [1.5.2](rime/librime@1.5.1...1.5.2) (2019-06-17)


### Bug Fixes

* **user_dictionary, contextual_translation:** fix user phrase quality; order contextual suggestions by type ([69d5c32](rime/librime@69d5c32))



## [1.5.1](rime/librime@1.5.0...1.5.1) (2019-06-16)


### Bug Fixes

* **user_dictionary:** make user phrases comparable in weight to system words ([982f69d](rime/librime@982f69d))



# [1.5.0](rime/librime@1.4.0...1.5.0) (2019-06-06)


### Bug Fixes

* **ci:** update build script ([84a1a1b](rime/librime@84a1a1b))
* **ci:** use submodules in AppVeyor CI build script ([7b515b4](rime/librime@7b515b4))
* **cmake:** libboost Windows XP compatibility fix ([#270](rime/librime#270)) ([fecfe39](rime/librime@fecfe39)), closes [rime/weasel#337](rime/weasel#337)
* **CMakeLists.txt:** install header files in all platforms ([821d563](rime/librime@821d563))
* **CMakeLists.txt:** set "-std=c++11" in CMAKE_CXX_FLAGS ([5d8a836](rime/librime@5d8a836))
* **config/plugins.h:** memory leak caused by non-virtual destructor ([316a659](rime/librime@316a659)), closes [#259](rime/librime#259)
* **deploy:** treat schema dependencies as optional; do not report errors if missing ([ff3d5e9](rime/librime@ff3d5e9))
* **engine:** schema doesn't match the one used by switcher ([e41bb63](rime/librime@e41bb63)), closes [#269](rime/librime#269)
* **rime_levers_api.h:** customize_bool() misused `bool` type ([42bacc5](rime/librime@42bacc5))
* **syllabifier:** enable_completion not working ([2714131](rime/librime@2714131)), closes [#343](rime/librime#343)
* **table_translator:** null pointer exception when dict entries are filtered ([77438a9](rime/librime@77438a9))
* **test:** compile error in unit test ([7076d9e](rime/librime@7076d9e))
* **travis-install.sh:** working directory ([97220ce](rime/librime@97220ce))


### Features

* **appveyor:** install RIME_PLUGINS  [skip travis] ([c7ce66f](rime/librime@c7ce66f))
* **CMakeList.txt:** add plugin build support ([#257](rime/librime#257)) ([dfa341b](rime/librime@dfa341b))
* **contextual_translation:** weight and re-order phrases by context ([2390da3](rime/librime@2390da3))
* **dict:** specify vocabulary db name in dict settings ([dcdc301](rime/librime@dcdc301))
* **grammar:** compare homophones/homographs in sentence ([9248a6b](rime/librime@9248a6b))
* **install-plugins.sh:** git-clone or update plugins ([70483b4](rime/librime@70483b4))
* **poet:** find best sentence candidates ([b3f4005](rime/librime@b3f4005))
* **rime_api:** get candidate list from index ([c587900](rime/librime@c587900))
* **translator:** contextual suggestions in partially selected sentence ([12a7501](rime/librime@12a7501))
* **translator:** look at preceding text when making sentence ([6ae34de](rime/librime@6ae34de))
* **travis-ci:** install plugins specified in envvar RIME_PLUGINS ([c857639](rime/librime@c857639))


### Performance Improvements

* **dictionary:** refactor DictEntryIterator and do partial sort ([0258c7f](rime/librime@0258c7f))


### BREAKING CHANGES

* **rime_levers_api.h:** in signature of C API function `customize_bool()`,
change type `bool` to `Bool` (alias of `int`).

Impact: the changed function is not in use by any first party code,
known to be in use by osfans/trime.



# [1.4.0](rime/librime@1.3.2...1.4.0) (2019-01-16)


### Bug Fixes

* **config:** user_config should not fall back to shared data ([68c8a34](rime/librime@68c8a34)), closes [#271](rime/librime#271)
* **SymlinkingPrebuiltDictionaries:** remove dangling symlinks ([5ad333d](rime/librime@5ad333d)), closes [#241](rime/librime#241)
* **SymlinkingPrebuiltDictionaries:** remove dangling symlinks ([f8e4ebf](rime/librime@f8e4ebf)), closes [#241](rime/librime#241)


### Features

* spelling correction ([#228](rime/librime#228)) ([ad3638a](rime/librime@ad3638a))
* **Dockerfile:** for build ([#246](rime/librime#246)) ([cafd0d5](rime/librime@cafd0d5))



## [1.3.2](rime/librime@1.3.1...1.3.2) (2018-11-12)


### Bug Fixes

* **CMakeLists.txt:** do not link binaries when building static library ([99573e3](rime/librime@99573e3))
* **CMakeLists.txt:** do not require boost::signals, which will be deprecated in Boost 1.69 ([8a9ef3b](rime/librime@8a9ef3b)), closes [#225](rime/librime#225)
* **config_compiler:** ambiguous operator overload with cmake option ENABLE_LOGGING=OFF ([b86b647](rime/librime@b86b647)), closes [#211](rime/librime#211)
* **config_compiler:** support creating list in-place by __patch and __merge ([0784eb0](rime/librime@0784eb0))
* **table_translator:** enable encoding uniquified commit history ([74e31bc](rime/librime@74e31bc))


### Features

* **language:** shared user dictionary per language (Closes [#184](rime/librime#184)) ([#214](rime/librime#214)) ([9f774e7](rime/librime@9f774e7))
* always_show_comments option ([#220](rime/librime#220)) ([19cea07](rime/librime@19cea07))



## [1.3.1](rime/librime@1.3.0...1.3.1) (2018-04-01)


### Bug Fixes

* **config_file_update:** clean up deprecated user copy ([#193](rime/librime#193)) ([8d8d2e6](rime/librime@8d8d2e6))
* **thirdparty/src/leveldb:** do not link to snappy library ([6f6056a](rime/librime@6f6056a))



# 1.3.0 (2018-03-09)


### Bug Fixes

* **CMakeLists.txt, build.bat:** install header files (public API) ([06c9e86](rime/librime@06c9e86))
* **config_compiler:** "/" mistaken as path separator in merged map key ([#192](rime/librime#192)) ([831ffba](rime/librime@831ffba)), closes [#190](rime/librime#190)
* **ConfigFileUpdate:** no need to create user build if shared build is up-to-date ([cafd5c4](rime/librime@cafd5c4))
* **SchemaUpdate:** read compiled schema from shared build if there is no user build ([45a04dd](rime/librime@45a04dd))
* **simplifier:** fix typo ([9e1114e](rime/librime@9e1114e)), closes [#183](rime/librime#183)
* **user_db:** unwanted implicit instantiation of UserDbFormat template ([3cbc9cb](rime/librime@3cbc9cb)), closes [#188](rime/librime#188)


### Chores

* **release tag:** deprecating tag name prefix 'rime-' in favor of semver 'X.Y.Z'


### BREAKING CHANGES

* **release tag:** After 1.3.0 release, we'll no longer be creating tags in the format 'rime-X.Y.Z'. Downstream packagers please change automated scripts accordingly.



## 1.2.10 (2018-02-21)


### Bug Fixes

* **config_compiler:** linking failure on blocking root node of a dependency resource ([ecf3397](rime/librime@ecf3397))
* table_translator not making sentence if table entry is hidden by charset filter. ([77eb12e](rime/librime@77eb12e))
* **appveyor.install.bat:** switch to a more stable download server for libboost ([bcc4d10](rime/librime@bcc4d10))
* **appveyor.yml:** archive header files ([c8b1e67](rime/librime@c8b1e67))
* **ascii_composer:** support key binding Shift+space in ascii mode ([7077389](rime/librime@7077389))
* **build.bat:** fix build errors with VS2015 build tools ([ec940c6](rime/librime@ec940c6))
* **calculus, recognizer:** memory leak due to unchecked regex error ([19ddc1e](rime/librime@19ddc1e)), closes [#171](rime/librime#171)
* **chord_composer:** allow editor to define BackSpace key behavior ([7f41f65](rime/librime@7f41f65))
* **chord_composer:** letters with modifier keys should not be committed by a following enter key ([aab5eb8](rime/librime@aab5eb8))
* **ci:** call cmake under /usr/local with sudo by passing $PATH environment variable ([a0e6d2f](rime/librime@a0e6d2f))
* **cmake:** fix build break for mingw ([939893c](rime/librime@939893c))
* **config:** auto save modified config data; fixes [#144](rime/librime#144) ([2736f4b](rime/librime@2736f4b))
* **config:** treat "@" as map key rather than list index ([a1df9c5](rime/librime@a1df9c5))
* **config_compiler:** duplicate PendingChild dependencies happen from multiple commands on the same node ([25c28f8](rime/librime@25c28f8))
* **config_compiler:** enforce dependency priorities ([69a6f3e](rime/librime@69a6f3e))
* **config_compiler:** null value should not overwrite a normal key in a merged tree ([4ecae44](rime/librime@4ecae44))
* **config_compiler:** template operator overload had compile error with NDK ([71817a0](rime/librime@71817a0))
* **config/build_info_plugin:** referenced but unavailable resources should also be recorded ([cd46f7a](rime/librime@cd46f7a))
* **ConfigFileUpdate:** should succeed if shared copy does not exist ([8a3e25c](rime/librime@8a3e25c))
* **custom_settings:** fall back to $shared_data_dir/build when loading config ([caf8ebb](rime/librime@caf8ebb))
* **custom_settings:** load built settings from $user_data_dir/build directory ([463dc09](rime/librime@463dc09))
* **deployment_tasks:** symbols.yaml is no longer a build target ([f920e4f](rime/librime@f920e4f))
* **dict_compiler:** prism should load compiled schema ([c2fd0cf](rime/librime@c2fd0cf)), closes [#176](rime/librime#176)
* **key_event:** KeySequence::repr() prefer unescaped punctuation characters ([aa43e5e](rime/librime@aa43e5e))
* **levers:** update deployment tasks for copy-free resource resolution ([1f86413](rime/librime@1f86413))
* **Makefile:** make install-debug; do return error code on mac ([1177142](rime/librime@1177142))
* **rime_api:** use user_config_open() to access user.yaml ([4e4a491](rime/librime@4e4a491))
* **rime_console:** not showing switcher's context ([632cf4b](rime/librime@632cf4b))
* **schema:** create a "schema" component that opens Config by schema_id ([555f990](rime/librime@555f990))
* **simplifier:** fix crash if no opencc file ([091cb9d](rime/librime@091cb9d))
* **simplifier:** tips option for show_in_comment simplifier ([e7bb757](rime/librime@e7bb757))
* **uniquifier:** half of the duplicate candidates remain after dedup [Closes [#114](rime/librime#114)] ([2ab76bc](rime/librime@2ab76bc))


### Features

* **build.bat:** customize build settings via environment variables ([#178](rime/librime#178)) ([1678b75](rime/librime@1678b75))
* **chord_composer:** accept escaped chording keys ([79a32b2](rime/librime@79a32b2))
* **chord_composer:** support chording with function keys ([48424d3](rime/librime@48424d3))
* **config:** add config compiler plugin that includes default:/menu into schema ([b51dda8](rime/librime@b51dda8))
* **config:** best effort resolution for circurlar dependencies ([2e52d54](rime/librime@2e52d54))
* **config:** build config files if source files changed ([0d79712](rime/librime@0d79712))
* **config:** config compiler plugins that port legacy features to the new YAML syntax ([a7d253e](rime/librime@a7d253e))
* **config:** config_builder saves output to $rime_user_dir/build/ ([e596155](rime/librime@e596155))
* **config:** references to optional config resources, ending with "?" ([14ec858](rime/librime@14ec858))
* **config:** save __build_info in compiled config ([45a7337](rime/librime@45a7337))
* **config:** separate out config_builder and user_config components ([9e9493b](rime/librime@9e9493b))
* **config:** support append and merge syntax ([04dcf42](rime/librime@04dcf42))
* **customizer:** disable saving patched config files ([88f5a0c](rime/librime@88f5a0c))
* **detect_modifications:** quick test based on last write time of files ([285fbcc](rime/librime@285fbcc))
* **dict:** no conditional compilation on arm ([85b945f](rime/librime@85b945f))
* **dict:** relocate binary files to $user_data_dir/build ([bc66a47](rime/librime@bc66a47))
* **dict:** use resource resolver to find dictionary files ([8ea08b3](rime/librime@8ea08b3))
* add property notifier ([fa7b5a5](rime/librime@fa7b5a5))
* **resource_resolver:** add class and unit test ([03ee8b4](rime/librime@03ee8b4))
* **resource_resolver:** fallback root path ([02151da](rime/librime@02151da))
* **translator:** add history_translator ([#115](rime/librime#115)) ([ae13354](rime/librime@ae13354))



## 1.2.9 (2014-12-14)

* **rime_api.h:** add `RIME_MODULE_LIST`, `RIME_REGISTER_MODULE_GROUP`.
* **Makefile:** add make targets `thirdparty/*` to build individual libraries.
* **legacy/src/legacy_module.cc:** plugin module `rime-legacy` for GPL code,
  providing component `legacy_userdb` for user dictionary upgrade.
* **src/setup.cc:** define module groups `"default"` and `"deployer"`, to avoid
	naming a list of built-bin modules in `RimeTraits::modules`.
* **test/table_test.cc:** fix random segment faults when run shuffled.
* **thirdparty/src/leveldb:** new dependency LevelDB, replacing Kyoto Cabinet.
* **dict/level_db:** userdb implementation based on LevelDB, replacing treeDb.
* **dict/tree_db:** moved to `legacy/src/`.
* **dict/user_db:** refactored and modularized to ease adding implementations.
* **gear/cjk_minifier:** support CJK Extension E.
* **gear/memory:** save cached phrases as soon as the next composition begins.
* **gear/recognizer:** match space iff set `recognizer/use_space: true`.
* **gear/simplifier:** catch and log OpenCC exceptions when loading.
* **gear/single_char_filter:** bring single character candidates to the front.
* **gear/simplifier:** adapt to OpenCC 1.0 API.
* **thirdparty/src/opencc:** update OpenCC to v1.0.2 (incompatible with v0.4).
* **lever/deployment_tasks:** update and rename task `user_dict_upgrade`.



## 1.2 (2014-07-15)

* **rime_api:** add API functions to access complex structures in config;
  add API to get the raw input and cursor position, or to select a candidate.
* **config:** support references to list elements in key paths.
  eg. `schema_list/@0/schema` is the id of the first schema in schema list.
* **switcher:** enable folding IME options in the switcher menu.
* **dict_compiler:** also detect changes in essay when updating a dictionary;
  support updating prism without the source file of the dictionary.
* **preset_vocabulary:** load `essay.txt` instead of `essay.kct`.
* **reverse_lookup_dictionary:** adopt a new file format with 50% space saving.
* **table:** add support for a new binary format with 20% space saving;
  fix alignment on ARM.
* **ascii_composer:** do not toggle IME states when long pressing `Shift` key;
  support discarding unfinished input when switching to ASCII mode.
* **affix_segmentor:** fix issues with selecting a partial-match candidate.
* **chord_composer:** commit raw input composed with original key strokes.
* **cjk_minifier:** a filter to hide characters in CJK extension set, works
  with `script_translator`.
* **navigator:** do not use `BackSpace` to revert selecting a candidate but to
  edit the input after moving the cursor left or right.
* **punctuator:** support `ascii_punct` option for switching between Chinese and
  Western (ASCII) punctuations.
* **speller:** auto-select candidates by pattern matching against the code;
  fix issues to cooperate with punctuator.
* **CMakeLists.txt:** add options `ENABLE_LOGGING` and `BOOST_USE_CXX11`;
  introduce a new dependency: `libmarisa`.
* **cmake/FindYamlCpp.cmake:** check the availability of the new (v0.5) API.
* **sample:** the directory containing a sample plug-in module.
* **tools/rime_patch.cc:** a command line tool to create patches.
* **thirdparty:** include source code of third-party libraries to ease
  building librime on Windows and Mac.



## 1.1 (2013-12-26)

* **new build dependency:** compiler with C++11 support.
  tested with GCC 4.8.2, Apple LLVM version 5.0, MSVC 12 (2013).
* **encoder:** disable warnings for phrase encode failures in log output;
  limit the number of results in encoding a phrase with multiple solutions.
* **punctuator:** fixed a bug in matching nested "pairs of 'symbols'".
* **speller:** better support for auto-committing, allowing users of table
  based input schema to omit explicitly selecting candidates in many cases.
* **schema_list_translator:** option for static schema list order.
* **table_translator:** fixed the range of CJK-D in charset filter.
jperkin pushed a commit that referenced this issue Apr 19, 2022
# glue 1.6.2

* Modify a test for better forward compatibility with R.

# glue 1.6.1

* Glue Now registers its custom knitr engines in a way that is more
  robust to namespace-loading edge cases that can arise during package
  installation (#254).

# glue 1.6.0

* `glue()`, `glue_data()`, `glue_col()`, and `glue_data_col()` gain a
  new `.literal` argument, which controls how quotes and the comment
  character are treated when parsing the expression string
  (#235). This is mostly useful when using a custom transformer.

* Trailing whitespace-only lines don't interfere with indentation (#247).

# glue 1.5.1

* Jennifer Bryan is now the maintainer.

* The existing custom language engines for knitr, `glue` and
  `glue_sql`, are documented in a new vignette (#71). *Detail added
  after release: glue now sets up registration of these engines in
  `.onLoad()`.*

* `glue_col()` gives special treatment to styling functions from the
  crayon package, e.g. `glue_col("{blue foo}")` "just works" now, even
  if crayon is not attached (but is installed) (#241).

* Unterminated backticks trigger the same error as unterminated single
  or double quotes (#237).

* `glue_sql()` collapses zero-length `DBI::SQL` object into
  `DBI::SQL("NULL")` (#244 @shrektan).

# glue 1.5.0

## Breaking changes

* Long deprecated function `collapse()` has been removed (#213)

## New functions and arguments

* New `glue_sql_collapse()` function to collapse inputs and return a
  `DBI::SQL()` object (#103).

* `glue()` gains a new `.comment` argument, to control the comment character (#193).

* `glue()` gains a new `.null` argument, to control the value to
  replace `NULL` values with (#217, @echasnovski).

## Bugfixes and minor changes

* `sql_quote_transformer()` is now allows whitespace after the trailing `*` (#218).

* `compare_proxy.glue()` method defined so glue objects can be
  compared to strings in testthat 3e without errors (#212)

* `print.glue()` no longer prints an empty newline for 0 length inputs (#214)

* Unterminated comments in glue expression now throw an error (#227, @gaborcsardi)
* Unterminated quotes in glue expressions now throw an error (#226, @gaborcsardi)
jperkin pushed a commit that referenced this issue Dec 18, 2022
# tidyselect 1.2.0

## New features

* New `tidyselect_data_proxy()` and `tidyselect_data_has_predicates()`
  allows tidyselect to work with custom input types (#242).

* New `eval_relocate()` for moving a selection. This powers `dplyr::relocate()`
  (#232).

## Lifecycle changes

* Using `all_of()` outside of a tidyselect context is now deprecated (#269).
  In the future it will error to be consistent with `any_of()`.

* Use of `.data` in tidyselect expressions is now deprecated to more cleanly
  separate tidy-select from data-masking. Replace `.data$x` with `"x"` and
  `.data[[var]]` with `any_of(var)` or `all_of(var)` (#169).

* Use of bare predicates (not wrapped in `where()`) and indirection (without
  using `all_of()`) have been formally deprecated (#317).

## Minor improvements and bug fixes

* Selection language:

  * `any_of()` generates a more informative error if you supply too many
    arguments (#241).

  * `all_of()` (like `any_of()`) returns an integer vector to make it easier
    to combine in functions (#270, #294). It also fails when it can't find
    variables even when `strict = FALSE`.

  * `matches()` recognises and correctly uses stringr pattern objects
    (`stringr::regex()`, `stringr::fixed()`, etc) (#238). It also now
    works with named vectors (#250).

  * `num_range()` gains a `suffix` argument (#229).

  * `where()` is now exported, like all other select helpers (#201),
    and gives more informative errors (#236).

* `eval_select()` with `include` now preserves the order of the variables
  if they're present in the selection (#224).

* `eval_select()` always returns a named vector, even when renaming is not
  permitted (#220).

* `eval_select()` and `eval_relocate()` gain new `allow_empty` argument which
  makes it possible to forbid empty selections with `allow_empty = FALSE` (#252).

* `eval_select(allow_rename = FALSE)` no longer fails with empty
  selections (#221, @eutwt) or with predicate functions (#225). It now properly
  fails with partial renaming (#305).

* `peek_var()` error now generates hyperlink to docs with recent RStudio (#289).

* `vars_pull()` generates more informative error messages (#234, #258, #318)
  and gains `error_call` and `error_arg` arguments.

* Errors produced by tidyselect should now be more informative. Evaluation
  errors are now chained, with the child error call is set to the `error_call`
  argument of `eval_select()` and `eval_rename()`. We've also improved
  backtraces of base errors, and done better at propagating the root
  `error_call` to vctrs input checkers.

* `tidyselect_verbosity` is no longer used; deprecation messaging is now
  controlled by `lifecycle_verbosity` like all other packages (#317).
jperkin pushed a commit that referenced this issue Feb 7, 2023
3.2.3 (2023-01-26)

* Add :endpoint argument when binding
* Add NDR Type Serialization Version 1 structures
* Make the structure more generic and easy to use

3.2.4 (2023-01-30)

* Land #247, Fix rails 7 deprecation warning
* Land #241, Add documentation for kerberos type rc4-hmac
* Land #240, Fix fix_dump_secrets_from_sid Example
* Land #242, Add NDR Type Serialization structures
jperkin pushed a commit that referenced this issue Feb 21, 2023
pkgsrc change: avoid use empty in options.mk.

What's new in Sudo 1.9.13 (2023-02-14)

 * Fixed a bug running relative commands via sudo when "log_subcmds"
   is enabled.  GitHub issue #194.
 * Fixed a signal handling bug when running sudo commands in a shell
   script.  Signals were not being forwarded to the command when
   the sudo process was not run in its own process group.
 * Fixed a bug in cvtsudoers' LDIF parsing when the file ends without
   a newline and a backslash is the last character of the file.
 * Fixed a potential use-after-free bug with cvtsudoers filtering.
   GitHub issue #198.
 * Added a reminder to the default lecture that the password will
   not echo. This line is only displayed when the pwfeedback option
   is disabled. GitHub issue #195.
 * Fixed potential memory leaks in error paths.  GitHub issues #199,
   #202.
 * Fixed potential NULL dereferences on memory allocation failure.
   GitHub issues #204, #211.
 * Sudo now uses C23-style attributes in function prototypes instead
   of gcc-style attributes if supported.
 * Added a new "list" pseudo-command in sudoers to allow a user to
   list another user's privileges.  Previously, only root or a user
   with the ability to run any command as either root or the target
   user on the current host could use the -U option.  This also
   includes a fix to the log entry when a user lacks permission to
   run "sudo -U otheruser -l command".  Previously, the logs would
   indicate that the user tried to run the actual command, now the
   log entry includes the list operation.
 * JSON logging now escapes control characters if they happen to
   appear in the command or environment.
 * New Albanian translation from translationproject.org.
 * Regular expressions in sudoers or logsrvd.conf may no longer
   contain consecutive repetition operators.  This is implementation-
   specific behavior according to POSIX, but some implementations
   will allocate excessive amounts of memory.  This mainly affects
   the fuzzers.
 * Sudo now builds AIX-style shared libraries and dynamic shared
   objects by default instead of svr4-style. This means that the
   default sudo plugins are now .a (archive) files that contain a
   .so shared object file instead of bare .so files.  This was done
   to improve compatibility with the AIX Freeware ecosystem,
   specifically, the AIX Freeware build of OpenSSL.  Sudo will still
   load svr4-style .so plugins and if a .so file is requested,
   either via sudo.conf or the sudoers file, and only the .a file
   is present, sudo will convert the path from plugin.so to
   plugin.a(plugin.so) when loading it.  This ensures compatibility
   with existing configurations.  To restore the old, pre-1.9.13
   behavior, run configure using the --with-aix-soname=svr4 option.
 * Sudo no longer checks the ownership and mode of the plugins that
   it loads.  Plugins are configured via either the sudo.conf or
   sudoers file which are trusted configuration files.  These checks
   suffered from time-of-check vs. time-of-use race conditions and
   complicate loading plugins that are not simple paths.  Ownership
   and mode checks are still performed when loading the sudo.conf
   and sudoers files, which do not suffer from race conditions.
   The sudo.conf "developer_mode" setting is no longer used.
 * Control characters in sudo log messages and "sudoreplay -l"
   output are now escaped in octal format.  Space characters in the
   command path are also escaped.  Command line arguments that
   contain spaces are surrounded by single quotes and any literal
   single quote or backslash characters are escaped with a backslash.
   This makes it possible to distinguish multiple command line
   arguments from a single argument that contains spaces.
 * Improved support for DragonFly BSD which uses a different struct
   procinfo than either FreeBSD or 4.4BSD.
 * Fixed a compilation error on Linux arm systems running older
   kernels that may not define EM_ARM in linux/elf-em.h.
   GitHub issue #232.
 * Fixed a compilation error when LDFLAGS contains -Wl,--no-undefined.
   Sudo will now link using -Wl,--no-undefined by default if possible.
   GitHub issue #234.
 * Fixed a bug executing a command with a very long argument vector
   when "log_subcmds" or "intercept" is enabled on a system where
   "intercept_type" is set to "trace".  GitHub issue #194.
 * When sudo is configured to run a command in a pseudo-terminal
   but the standard input is not connected to a terminal, the command
   will now be run as a background process.  This works around a
   problem running sudo commands in the background from a shell
   script where changing the terminal to raw mode could interfere
   with the interactive shell that ran the script.
   GitHub issue #237.
 * A missing include file in sudoers is no longer a fatal error
   unless the error_recovery plugin argument has been set to false.

What's new in Sudo 1.9.13p1 (2023-02-17)

 * Fixed a typo in the configure script that resulted in a line
   like "]: command not found" in the output.  GitHub issue #238.
 * Corrected the order of the C23 [[noreturn]] attribute in function
   prototypes.  This fixes a build error with GCC 13.  GitHub issue
   #239.
 * The "check" make target misbehaved when there was more than
   one version of the UTF-8 C locale in the output of "locale -a".
   GitHub issue #241.
 * Removed a dependency on the AC_SYS_YEAR2038 macro in configure.ac.
   This was added in autoconf 2.72 but sudo's configure.ac only
   required autoconf 2.70.
 * Relaxed the autoconf version requirement to version 2.69.
jperkin pushed a commit that referenced this issue Mar 8, 2023
1.0.23 (2023-03-02)

* Land #237, add support for M1/M1 macOS builds
* Land #241, don't build universal binary - libpcap
jperkin pushed a commit that referenced this issue Mar 12, 2023
# rgl 1.0.1

## Major changes

* The long promised deprecations of the `rgl.*` functions
have happened.  Now deprecated: `rgl.abclines`,
`rgl.bbox`, `rgl.bg`, `rgl.clear`, `rgl.clipplanes`,
`rgl.close`, `rgl.light`, `rgl.lines`,
`rgl.linestrips`, `rgl.material`,  `rgl.open`,
`rgl.planes`, `rgl.points`, `rgl.quads`,
`rgl.select3d`, `rgl.set`, `rgl.setAxisCallback`,
`rgl.sprites`, `rgl.surface`, `rgl.texts`,
`rgl.triangles`, and `rgl.viewpoint`.
* A vignette "Deprecating the `rgl.*` interface"
has been added.
* Also deprecated: `elementId2Prefix`, `writeWebGL`

## Minor changes

* Since `rgl.material` is deprecated and no
longer contains the list of material types in its
argument list, `rgl.material.names` and `rgl.material.readonly` have been
added.
* Similarly, `rgl.par3d.names` and `rgl.par3d.readonly`
contain lists of properties that may be set or queried
in `par3d()`.
* The flexibility improvements for `surface3d()` in
0.111.6 were incomplete.
* Argument `flip` has been added to `surface3d()` to allow
front and back to be switched.

# rgl 0.111.6

## Minor changes

* Added a panning example to the help page for `setUserCallbacks()`.
* Replaced all calls to `sprintf` from C/C++ code with calls to
`snprintf`.
* `surface3d` and `rgl.surface` are now more flexible,
allowing any of the 3 coordinates to be a vector or matrix
as long as at least one is a matrix.
* `material3d` can now specify an `id` to query properties
for individual objects.
* Since `rgl.material` is soon to be deprecated and no
longer contain the list of material types in its
argument list, `rgl.material.names` and `rgl.material.readonly` have been
added.
* Similarly, `rgl.par3d.names` and `rgl.par3d.readonly`
contain lists of properties that may be set or queried
in `par3d()`.
* Made some examples conditional on interactive use
to save time on CRAN.

## Bug fixes

* Default mouse modes used when a window is opened by an `rgl.*`
call (which is not recommended!) now match
the defaults in `rgl::r3dDefaults`.
* Missing values could cause `surface3d()` to segfault.
* The C source code for `gl2psGetFileFormat` missed declaring
a prototype.

# rgl 0.110.2

## Major changes

* Material property `"blend"` has been added, to allow
various kinds of blending for semi-transparent objects
(issue #245).

## Minor changes

* The `Buffer` object now handles reading of sparse
accessors.
* Low level drawing of primitives has been made more
memory efficient.  This is only likely to make a
noticeable change with very large objects, where R
was running out of memory because of unnecessary
duplication. (Related to issue #260.)
* Recycling of x, y and z vectors in several functions
is more consistent.
* The `polygon3d()` function now chooses coordinates
automatically, as `triangulate()` does (PR #262.)
* The `mtext3d()` and related functions such as
`title3d()` now accept language objects
other than expressions, as `plotmath3d()` always has
(issue #273).

## Bug fixes

* The bounding box could be calculated incorrectly
if data all had large values (issue #250).
* Shiny displays failed to load the shaders (issue #249).
* `transform3d()` failed due to missing argument (issue #253).
* `readOBJ()` is now more flexible in what kinds of
separators it will accept. (issue #258).
* Failure to initialize could cause a segfault.
* On non-macOS platforms, gray-scale textures failed
to display, with a message about an invalid enumerant.
* The third coordinate for `adj` that was added in 0.108.3
was not rendered properly in `rglwidget()` displays of
text.  This sometimes caused text to disappear when it
was near the far limit of the display (issue #269).
* The X11 error fix in 0.109.6 could result in R
freezing in `Rcmdr`.
* Low level drawing functions are now more consistent
about returning an invisible `NULL` if asked to plot zero
items, rather than raising an error or crashing (issue #274).
* Calling `axis3d()` with no ticks or labels no longer triggers
an error, it now silently returns `NULL`.

# rgl  0.109.6

## Minor changes

* `rglwidget()` displays now act on "pointer" events,
not just "mouse" events, so they should be more usable
on touch screens and tablets (PR #240).

## Bug fixes

* Plotting `scene3d()` objects didn't handle suppressed
axes properly, drawing the default axis instead (issue
#241).
* On some systems using X11, `rgl` would segfault when
the "fixed" font was not found.
* X11 errors could cause R to abort.

# rgl  0.109.2

## Major changes

* Changes to support glTF animation:
  - Handling of `embedding = "modify"` for the model matrix
    has changed.  Now the centering step is only done for
    `embedding = "replace"`.  In addition, various bugs
    have been fixed.
  - If a subscene has no lights defined, the lights from the parent
    are used.
  - `plot.rglscene()` now ends with the root subscene as
    current.  It also allows specification of `open3d()`
    parameters in a list.
  - The `MATn` types in `Buffer` are returned as arrays with
    dim `c(n, n, count)`.
  - The `plot3d.rglscene` method now passes `...` to `open3d()`.
  - The `setUserShaders()` function now allows arrays of 4x4 matrices as "uniforms", and allows additional textures to be specified.
* `sprites3d()` now has the option of
`rotating = TRUE`, to allow 3D sprites to rotate with
the scene.
* Added `getShaders()` function to get shaders used in WebGL.
* Now detects if `rgl` is running within `reprex::reprex()`
and if so arranges that a screenshot will be included in the
output.
* Added default shaders to be used in `rglwidget()`, rather than
constructing them on the fly.  This incompatibly affects the use
of lights and clipping planes with user shaders:  their data
is now stored in arrays rather than multiple numbered variables.

## Minor changes

* Now that `pkgdown` 2.0.0 has been released, a number
of internal workarounds to support the development version
have been removed.
* Added `as.mesh3d()` methods for `"rglsubscene"` and `"rglscene"`.
* `open3d()` now handles `useNULL` and `silent` arguments
passed in `params`.
* Controls passed to `playwidget()` may now include a
component specifying HTML dependencies.
* Added `rglwidgetClass.readAccessor()` method to let other
code use the buffering.
* Changed the internal organization of bounding box calculations.
* All functions that produce meshes now accept
material properties.  Newly modified to do so using the `...`
argument:  `cylinder3d()`, and `getBoundary3d()`.
* Updated the system requirements and installation instructions.
* Solid bounding box decorations now try harder to display 3 faces (issue #206).
* Now that `webshot2` is on CRAN, instructions for
installing it from Github have been removed.
* Sometimes `webshot2` snapshots are very slow, so
the default for the `webshot` argument to `snapshot3d()`
now depends on the `RGL_USE_WEBSHOT` environment
variable, using `TRUE` if it is unset. (Reported by Prof. B. D. Ripley.)
* If the Chrome browser is not found, `snapshot3d(webshot = TRUE)` now issues a warning and
reverts to using `rgl.snapshot()`.
* Buffers now use "normalized integers" to store
color or texture coordinate values that lie between 0
and 1 when it saves some space.
* At the request of CRAN, the `akima` package is no
longer suggested.

## Bug fixes

* `as.mesh3d.rglobject()` didn't handle objects with indices
properly.
* In WebGL, the front vs back calculation sometimes
got the wrong result (issue #164).
* `pop3d(tag = x)` did not always find the objects with `tag == x` if they were not in the current subscene.
* The default values for `front` and `back` in `rgl.material`
and `material3d` are now `"filled"`, as documented in some
places.
* The `fog` setting wasn't handled properly by `bg3d()`.
* Numerous cases of partial argument matching were fixed
(suggestion of Henrik Bengtsson in issue #170.)
* Argument `col` is accepted as a synonym for `color` in `material3d()` and `rgl.material()`.
* `planes3d()` objects were not displayed consistently
in `rgl` windows and WebGL displays, because the bounding
boxes were not computed consistently (issue #169).
* Some initialization wasn't done properly in Shiny apps,
so they failed after a redraw (issue #173).
* Buffers are now optional, as they don't work with
Shiny scene changes (also issue #173).
* The NULL device would sometimes miscalculate the
bounding box.
* `selectpoints3d(closest = TRUE)` selected too many points
when multiple objects were in the scene.
* Clearing nested subscenes could cause a segfault and crash.
* In `knitr` and `rmarkdown`, blank plots could be shown
when `par3d(skipRedraw=TRUE)` was set (issue #188).
* Objects drawn with `sprites3d()` weren't lit correctly
in WebGL (issue #189).
* Objects with textures were sometimes drawn more than once, both
before the texture loaded and after.  This was most noticeable for
objects with user textures.
* Axis mode `"pretty"` got lost when scenes were redrawn.
* Tick labels were sometimes lost in WebGL displays and
`snapshot3d()` results (issue #197).
* The new material properties from 0.107.10 and 0.108.3
were not handled properly by `plotmath3d()`.
* `rglMouse()` did not set the default value of the drop-down
selector properly (issue #213).
* `merge.mesh3d()`, used by `filledContour3d()`, didn't handle
colors properly (issue #212).
* `bg3d(sphere = TRUE)` has been fixed (issue #207).
* Textures were not appearing on spheres, and front-back
differences weren't being rendered (issue #217).
* When "knitting" within RStudio under R 4.2.0 on
Windows, `rgl` scenes didn't appear (reported by
Dieter Menne.) A workaround has been added.
* In `rglwidget()`, axis labels were not always
displayed, and did not move with solid bounding box
decorations properly (issue #206).
* On some systems, `lines3d()` using both missing values
and transparency did not draw properly (issue #234,
originally reported by Gaspar Jekely).
* The `rglShared()` example failed when `crosstalk`
was uninstalled.


# rgl  0.108.3.2

## Bug fixes

* Changes introduced in 0.100.50 lacked checks; these caused
segfaults in Windows with R 4.2.0 and RStudio (issue #208).
* A typo caused problems loading fonts on some systems.

# rgl  0.108.3

## Major changes

* Added `getBoundary3d()` function to extract the boundary
edges of a mesh.
* Added material property `tag`, a string associated
with each object.  The value is reported by `ids3d(tags = TRUE)` and
may be used to select objects in most functions that use ids,
but otherwise is
largely ignored by `rgl`.  The `tagged3d()` function returns
information on tags.
* Primitive types (points, lines, segments, triangles, quads)
can now accept an `indices` parameter, similar to the
indices in `mesh3d` objects.
* Added `Buffer` object, based on glTF design, for holding binary
data for `rglwidget()`.

## Minor changes

* Allowed for a third coordinate in `text3d()`'s `adj`
parameter.
* Added support for `adj`, `pos` and `offset` to
`sprites3d()`.
* Added support for `pos` values of `0` (at specified
location), `5` (in front of it), and `6` (behind it) in
`text3d()`, `sprites3d()` and `plotmath3d()`.
* `crosstalk` is now a Suggested package, rather than
a required one.
* The `Makevars.ucrt` file has been modified with
contributions from Tomas Kalibera to work with his `winutf8`
build of R.
* `bgplot3d()` no longer pauses for each page when running
examples.
* `deldir` version 1.0-2 is incompatible with `rgl`.  Added
the `checkDeldir()` function to avoid running it.
* `shade3d()` treated texture coordinates like colors, and
  duplicated the first one for the whole face when `meshColor = "faces"` was chosen.
  Instead, they are now treated like vertex coordinates.
  (Reported by Michael Sumner in issue #145).
* Corrected the documentation and made the implementations
of `asHomogeneous()`, `asEuclidean()` etc. more consistent.
* An `as.rglscene()` generic has been added, though no methods
are defined in this package.
* `downlit` 0.4.0 has been released with support for `rgl`, so instructions
for installing the devel version have been removed.

## Bug fixes

* Fixed rendering of text as sprites3d() objects.
* Added `--static` flag to configure script for FreeType
  installation.  (Suggestion of Simon Urbanek and Prof. Brian Ripley.)
* `shade3d()`, `wire3d()` and `dots3d()` overrode
  `"front"` and `"back"` material settings in mesh objects.
* `rglwidget()` handling of bounding box decorations had
  several bugs.
* `rgl` could not find routines in the DLL on some Windows
installs (Issue 148.)
* Some cases where allocations were not protected have been fixed.
jperkin pushed a commit that referenced this issue Apr 28, 2023
v3.20211022.1

  * Fix #362 to have make create-package-deb work again. by @jordansissel in
    #363

v3.20210903.1

Allow running under XWayland

  * Revert XWayland detection. Some parts of xdotool do not work under
    XWayland. However,
    many features do work on XWayland, and rejecting XWayland caused problems
    for several
    folks who were otherwise happily using xdotool under Wayland/XWayland. (#
    346, #355)

v3.20210804.2

Fixes a packaging issue in the previous release.

v3.20210804.1

  * xdotool and libxdo will now reject if it is running under Wayland/
    XWayland.
    If XWayland is detected, the program will fail. This is because XWayland
    doesn't allow xdotool or libxdo to work correctly. (#342, Jordan Sissel)
  * New command windowstate which can be used to modify properties of
    windows.
    For example, to full-screen the current window, use:
    xdotool getactivewindow windowstate --add FULLSCREEN
    (#158 by Zhai Zhao Xuan)
  * New command windowquit which is used to ask the windowed application to
    terminate. (#306, Antonio Russo)
  * New command getwindowclassname to print the window's class name.
    (#247, Dominic Mueller)
  * When sending keystrokes, enter and return now are synonyms for the
    Return key symbol (CSylvain)
  * getmouselocation now updates the window stack with the window the cursor
    is
    currently over. (#118, Jordan Sissel)
  * search command now supports searching by window role with --role flag (#
    305, altblue)
  * search command should now no longer report BadWindow errors (#335, Marek
    Marczykowski-Górecki)
  * get_window_location now reports correct value (#289, Edwin Heerschap)
  * Uppercase Latin-1/Basic Latin are now typed correctly (#283, Hasan)
  * Document the regular expressions (POSIX Extended) supported by xdotool
    (#???, Lucas Werkmeister)
  * Use the default X11 Screen instead of assuming 0 (#265, Miroslav Koškár)
  * Wrap header files with extern "C" to enable easier C++ use of libxdo.
    (#331, easyaspi314)
  * Install pkgconfig file when running make install (#229, Joakim Repomaa)
  * Set permissions correctly when installing xdo.h (#324, Dan Church)
  * Fix memory leak (#241, Andrew McDermott)
  * Fix memory leak (#299, orcNo and longqi)
  * Fixed some documentation typos (#161, Vincent Legoll; #336, yjqg6666)
  * Fix all compiler warnings during make (#344, Jordan Sissel)
jperkin pushed a commit that referenced this issue Jun 8, 2023
New features
 - Considerably refined the app packaging strategy, introducing support for more
   architectures and other advancements 📦 (see #246 for additional details)
 - Added button to clear all the current search filters quickly in inspect page
 - Added Swedish translation 🇸🇪 (#213)

Improvements
 - Updated most of the existing translations to v1.2:
     - German 🇩🇪 (#191)
     - Spanish 🇪🇸 (#203)
     - Persian 🇮🇷 (#193)
     - Korean 🇰🇷 (#205)
     - Polish 🇵🇱 (#244)
     - Romanian 🇷🇴 (#241)
     - Russian 🇷🇺 (#187)
     - Turkish 🇹🇷 (#192)
     - Ukrainian 🇺🇦 (#216)
     - Chinese 🇨🇳 (#214)
 - Renamed "Administrative entity" to "Autonomous System name" to avoid
   confusion
 - Improved filter columns relative width to avoid the "Application protocol"
   label being cut when displayed in Swedish
 - Footer URLs have been updated to include links to Sniffnet's official website
   and GitHub Sponsor page
 - Updated docs including installation instruction for Arch Linux (#185)
 - Minor improvements to packets and bytes number format
 - Minor improvements to:
     - code readability (#248)
     - docs (#235)

Fixes
 - Various issues have been fixed by the refined packaging strategy (#199, #220,
   #223, #224, #225, #242)
 - Solved a minor problem that caused flags to be slightly misaligned in inspect
   page table
jperkin pushed a commit that referenced this issue Jun 11, 2023
2.6.0 (2023-06-07)

What's Changed

* Fix trasient typo; make general syntax and punctuation edits to readme by
  @ColinDKelley in #235
* Better error handling when scheduler is closed. by @ioquatix in #240
* Delegate to Fiber#annotate where possible. by @ioquatix in #241
* Fix handling of stop stopping the stopping task. by @ioquatix in #242
* Strip device suffix before resolving hostname. by @ioquatix in #243

New Contributors

* @ColinDKelley made their first contribution in #235

2.6.1 (2023-06-09)

What's Changed

* Ensure transient tasks are correctly terminated. by @ioquatix in #245
jperkin pushed a commit that referenced this issue Jun 21, 2023
pkgsrc change: avoid use empty in options.mk.

What's new in Sudo 1.9.13 (2023-02-14)

 * Fixed a bug running relative commands via sudo when "log_subcmds"
   is enabled.  GitHub issue #194.
 * Fixed a signal handling bug when running sudo commands in a shell
   script.  Signals were not being forwarded to the command when
   the sudo process was not run in its own process group.
 * Fixed a bug in cvtsudoers' LDIF parsing when the file ends without
   a newline and a backslash is the last character of the file.
 * Fixed a potential use-after-free bug with cvtsudoers filtering.
   GitHub issue #198.
 * Added a reminder to the default lecture that the password will
   not echo. This line is only displayed when the pwfeedback option
   is disabled. GitHub issue #195.
 * Fixed potential memory leaks in error paths.  GitHub issues #199,
   #202.
 * Fixed potential NULL dereferences on memory allocation failure.
   GitHub issues #204, #211.
 * Sudo now uses C23-style attributes in function prototypes instead
   of gcc-style attributes if supported.
 * Added a new "list" pseudo-command in sudoers to allow a user to
   list another user's privileges.  Previously, only root or a user
   with the ability to run any command as either root or the target
   user on the current host could use the -U option.  This also
   includes a fix to the log entry when a user lacks permission to
   run "sudo -U otheruser -l command".  Previously, the logs would
   indicate that the user tried to run the actual command, now the
   log entry includes the list operation.
 * JSON logging now escapes control characters if they happen to
   appear in the command or environment.
 * New Albanian translation from translationproject.org.
 * Regular expressions in sudoers or logsrvd.conf may no longer
   contain consecutive repetition operators.  This is implementation-
   specific behavior according to POSIX, but some implementations
   will allocate excessive amounts of memory.  This mainly affects
   the fuzzers.
 * Sudo now builds AIX-style shared libraries and dynamic shared
   objects by default instead of svr4-style. This means that the
   default sudo plugins are now .a (archive) files that contain a
   .so shared object file instead of bare .so files.  This was done
   to improve compatibility with the AIX Freeware ecosystem,
   specifically, the AIX Freeware build of OpenSSL.  Sudo will still
   load svr4-style .so plugins and if a .so file is requested,
   either via sudo.conf or the sudoers file, and only the .a file
   is present, sudo will convert the path from plugin.so to
   plugin.a(plugin.so) when loading it.  This ensures compatibility
   with existing configurations.  To restore the old, pre-1.9.13
   behavior, run configure using the --with-aix-soname=svr4 option.
 * Sudo no longer checks the ownership and mode of the plugins that
   it loads.  Plugins are configured via either the sudo.conf or
   sudoers file which are trusted configuration files.  These checks
   suffered from time-of-check vs. time-of-use race conditions and
   complicate loading plugins that are not simple paths.  Ownership
   and mode checks are still performed when loading the sudo.conf
   and sudoers files, which do not suffer from race conditions.
   The sudo.conf "developer_mode" setting is no longer used.
 * Control characters in sudo log messages and "sudoreplay -l"
   output are now escaped in octal format.  Space characters in the
   command path are also escaped.  Command line arguments that
   contain spaces are surrounded by single quotes and any literal
   single quote or backslash characters are escaped with a backslash.
   This makes it possible to distinguish multiple command line
   arguments from a single argument that contains spaces.
 * Improved support for DragonFly BSD which uses a different struct
   procinfo than either FreeBSD or 4.4BSD.
 * Fixed a compilation error on Linux arm systems running older
   kernels that may not define EM_ARM in linux/elf-em.h.
   GitHub issue #232.
 * Fixed a compilation error when LDFLAGS contains -Wl,--no-undefined.
   Sudo will now link using -Wl,--no-undefined by default if possible.
   GitHub issue #234.
 * Fixed a bug executing a command with a very long argument vector
   when "log_subcmds" or "intercept" is enabled on a system where
   "intercept_type" is set to "trace".  GitHub issue #194.
 * When sudo is configured to run a command in a pseudo-terminal
   but the standard input is not connected to a terminal, the command
   will now be run as a background process.  This works around a
   problem running sudo commands in the background from a shell
   script where changing the terminal to raw mode could interfere
   with the interactive shell that ran the script.
   GitHub issue #237.
 * A missing include file in sudoers is no longer a fatal error
   unless the error_recovery plugin argument has been set to false.

What's new in Sudo 1.9.13p1 (2023-02-17)

 * Fixed a typo in the configure script that resulted in a line
   like "]: command not found" in the output.  GitHub issue #238.
 * Corrected the order of the C23 [[noreturn]] attribute in function
   prototypes.  This fixes a build error with GCC 13.  GitHub issue
   #239.
 * The "check" make target misbehaved when there was more than
   one version of the UTF-8 C locale in the output of "locale -a".
   GitHub issue #241.
 * Removed a dependency on the AC_SYS_YEAR2038 macro in configure.ac.
   This was added in autoconf 2.72 but sudo's configure.ac only
   required autoconf 2.70.
 * Relaxed the autoconf version requirement to version 2.69.
jperkin pushed a commit that referenced this issue Jun 22, 2023
Link with libsocket where needed (#234) by @amigadave in #235
Remove libsoup from doc and CI by @janbrummer in #238
Fix coverity findings by @janbrummer in #241
Add a comment that docs option needs introspection by @janbrummer in #242
Set pac data after download only by @janbrummer in #244
Fix race condition in px_manager_get_proxies_sync by @janbrummer in #245
Update gobject dependency in pkgconfig file by @floppym in #239
Reread env variables in each get_config call by @janbrummer in #246
Bump version to 0.5.2 by @janbrummer in #247
jperkin pushed a commit that referenced this issue Aug 8, 2023
(also taking over maintainership after confirming with Patrick)

v.2.4.3
    Add static hpdf_version.h header by @vszakats in #241
    hpdf_version.h included again by hpdf.h #241 #246
    File attachment issue resolved @hvanbrug #159
    Renamed *_LIBZ defines to _*ZLIB, thanks to @karstenBriksoft #249, enables compression of PDF files again.

v.2.4.2

    Reinstated hpdf_version.h #237 #240
v.2.4.1

    Fixed library name #236 from @jschueller
    Set correct version number #237 pointed out by @xantares

v.2.4.0

    Add support for free-form triangle shading objects. by @allisonvacanti in #157
    Fix config constant to match use in hpdf_mmgr.c by @bvirlet in #167
    Improve small number writing in HPDF_FToA. by @allisonvacanti in #187
    Fix missing /CapHeight key in font definition by @yabaud in #138
    Change HPDF_Page_CreateXObjectFromImage zoom parameter type to HPDF… by @extensia in #114
    Fix another case of png files with background mask save uncompressed by @igor-niv in #221
    Avoid issue with libtiff duplicate symbols by @bvirlet in #168
    Reajust bit_depth of png image after striping depth from 16 to 8. by @joelhecht in #125
    Fixed typo in Japanese font name: Mincyo -> Mincho by @qtamaki in #80
    Fix various typos by @luzpaz in #226
    hpdf.h: add missing HPDF_Boolean typedef by @mathstuf in #189
    Moved to a CMake only build environment.
    Fix bad unicode in comment by @gix in #229
    Fix various typos by @luzpaz in #230
jperkin pushed a commit that referenced this issue Oct 23, 2023
This is the biggest update ever, with 36 new features, 24 bug fixes,
and 3 performance improvements.

Thank you to every contributor for making Yazi better and better!
What's Changed

    feat: add Mintty (Git Bash) image preview support by @sxyazi in #103
    refactor: use Url instead of PathBuf by @sxyazi in #107
    fix: mime of javascript by @XYenon in #106
    perf: load large folders in chunks by @sxyazi in #117
    fix: set cursor block after closing input prompt from insert mode
         by @auvred in #109
    fix: doesn't redirect the stderr of the clipboard command to null
         by @sxyazi in #119
    feat: suspend process (Ctrl-Z) by @sxyazi in #120
    fix: notification of file changes in linked directories by @sxyazi in #121
    feat: file size sorting under the simplified file system by @sxyazi in #123
    fix: show_hidden not properly applied to hovered folder by @sxyazi in #124
    fix: recognize symlink directories as files by @sxyazi in #125
    fix: respect symlink paths without canonicalizing them by @sxyazi in #126
    feat: make Input streamable by @sxyazi in #127
    perf: doesn't wait for the process of killing by @sxyazi in #128
    feat: find by @sxyazi in #104
    feat: tab-specific sorting by @sxyazi in #131
    feat: new V, D, C keybinding for Input component by @sxyazi in #139
    fix: swap description for search commands by @knutwalker in #141
    fix: image position calculation by @sxyazi in #144
    feat: support for image preview within tmux by @sxyazi in #147
    feat: show keywords when in search mode by @sxyazi in #152
    feat: fallback to built-in highlighting if jq is not installed
          by @ndtoan96 in #151
    feat: make the glob expr case insensitive by default, and prepend \s to
          make it sensitive by @sxyazi in #156
    fix: check relative path on expand_path by @sxyazi in #165
    feat: support for FreeBSD permission type by @yggdr in #169
    feat: multiple openers for a single rule by @Linus789 in #154
    fix: leave upwards only if an IO error occurs in current by @sxyazi in #172
    docs: add archlinuxcn installation guide by @Integral-Tech in #176
    fix: image preview not working on Zellij by @Eric-Song-Nop in #181
    feat: make trash optional by @sxyazi in #178
    fix: inconsistent Shift key behavior on Unix and Windows
         by @ndtoan96 in #174
    feat: new force option added for the remove command, which does not show
          the confirmation dialog on trashing/deleting by @sxyazi in #173
    fix: typo of LICENSE file by @conradojordan in #201
    feat: add flake.nix by @XYenon in #205
    feat: include ignored files on search when hidden files are shown
          by @PhotonQuantum in #212
    feat: new orphan option for opener rules, to keep the process running even
          when Yazi exited by @sxyazi in #216
    feat: scroll half/full page with arrow percentage supported, and new
          Vi-like <C-u>, <C-d>, <C-b>, and <C-f> keybindings added by
          @TD-Sky in #213
    feat: highlight matching words on finding by @PhotonQuantum in #211
    feat: add BackTab support by @sxyazi in #209
    fix: set stdio to null when orphan is true by @sxyazi in #229
    feat: new force option for creating and renaming by @sxyazi in #208
    feat: loop through to find by @ndtoan96 in #234
    feat: backward/forward by @ndtoan96 in #230
    perf: reimplement optimized natural sorting algorithm, speed up ~6 times
          for case-insensitive sorting by @sxyazi in #237
    chore: changing the finding key to n/N to keep with Vim's conventions
           by @sxyazi in #238
    feat: added new options to the `find' command for smart-case/
          case-insensitive finds by @ndtoan96 in #240
    feat: add new --no-cwd-file option to quit command for flexible cwd-file
          setting by @XOR-op in #245
    fix: avoid adding non-regular paths to backstack by @ndtoan96 in #249
    fix: support RGBA16 images by @sxyazi in #250
    feat: support trash for NetBSD by @sxyazi in #251
    feat: support environment variable in cd path by @ndtoan96 in #241
    feat: new theme system by @sxyazi in #161
    fix: cannot cd if there is whitespace in path by @ndtoan96 in #255
    fix: add application/x-wine-extension-ini to text mime by @ndtoan96 in #259
    fix: collect and fix all hard coded themes and color
         by @Eric-Song-Nop in #221
    fix: some colors not readable in light mode by @sxyazi in #264
    feat: better file hover state by @sxyazi in #269
    refactor: split commands into separate files by @sxyazi in #272
    feat: cancel selected items automatically on entering, leaving, copying, or
          cutting by @sxyazi in #273
    feat: add a new Bar component, and make border styles customizable
          by @sxyazi in #278
    fix: adapt another $TERM value of foot-extra for foot by @sxyazi in #277
    refactor: simplify building conditions by @sxyazi in #280
    chore: add git rev to nix pkg version by @XYenon in #206
    feat: new Manager component for better style extensions by @sxyazi in #284
    feat: cross-system opener rule support by @sxyazi in #289
    fix: delegate the SIGINT signal of processes with orphan=true to their
    parent by @sxyazi in #290
    feat: line mode by @sxyazi in #291
    feat: shell completions & auto releasing by @TD-Sky in #282
jperkin pushed a commit that referenced this issue Nov 7, 2023
poetry-plugin-export (^1.6.0)

    Add an --all-extras option (#241).
    Fix an issue where git dependencies are exported with the branch name instead of the resolved commit hash (#213).
jperkin pushed a commit that referenced this issue Feb 23, 2024
v0.4.1
Fixes
    Fix an issue where fonts can fail to be detected on some systems (#250)

Docs
    Update the repo link to our newly minted organization (#251)

v0.4.0
I'd like to start with a huge thanks to all of our contributors. This release
wouldn't have happened nearly as soon, nor would it have had as many fixes and
features without everyone's help ❤️
Breaking Changes
    Completions are now generated ahead of time and provided with the release
    assets instead of the old --gen-completions <SHELL> flag
    The default light theme code-highlighter was changed from the
    inpsired-github to the new github syntax highlighter
    We have a new wayland feature that is enabled by default for clipboard
    support. If you don't use wayland and you run into wayland related build
    errors then consider building with the --no-default-features with the
    optional --features x11 if you're using Xorg still
    The default zoom-out keybind is now <Ctrl+=> instead of <Ctrl++> and
    zoom-reset is now unbound by default instead of <Ctrl+=>

Features
    Font fallback is now supported 🎉 (less tofu --> more emojis)
    A lot more embedded syntax highlighting themes (#219)
        The full list is always in the inlyne.default.toml file
    Add clipboard support for wayland (#243)
    Add support for color-scheme specific <picture>s (#236)
    Underlines are now supported in syntax highlighting (#221 and #225)
    extra keybindings now override base (#224)
    Use human-panic for more user-friendly panic messages (#172)
    Support table column alignment (#136)
    Use taffy for laying out tables (#129)

Fixes
    Inherit alignment for headers (#241)
    Allow for px suffix on pixel length (#238)
    Mimic GitHub's anchorizer for creating headers' anchor links (#227)
    Correctly reset table column alignment (#218)
    Reset scroll on markdown navigation (#213)
    Debounce file watcher events (#200)
    More gracefully handle failures in image loading (#187)
    Switch the TLS library from openssl to rustls (#179)
        Fixes some issues with window's failing some image requests

Documentation
    Document fontconfig dependency (#220)

Internal
    The usual swarm of non-user-facing changes
jperkin pushed a commit that referenced this issue Feb 29, 2024
# callr 3.7.5

* No changes.

# callr 3.7.4

* The `r_session$get_running_time()` method now returns the correct
  values, as documented (#241, @djnavarro).

* callr now uses fully qualified function calls in the subprocess to
  avoid interference with functions defined in the global environment.
  I.e. `base::stderr()` instead of `stderr()`. Closes #246.
jperkin pushed a commit that referenced this issue Mar 20, 2024
Changelog:

2.13.c.5
Highlights
New features

    New custom key commands (#256)
    Support basic control chars (\n, \r, \b, \t) in text options (#238)
    Added support for the XF86AudioMicMute media key (#273)
    Added tab completion for Bash and Zsh (#230)

Perf improvements

    Lazy-load slideshow images (#242)
    Disable debug build by default; faster blurring (#251)

Changes by PR

    fix --max and --fill not scaling image when the image has the same aspect ratio as the screen by @Rio6 in #228
    Add link to new active port by @loralighte in #233
    chore: rename variables for examples, remove unused variables by @graves501 in #229
    fix(typo): fix wrong greeter_y_expr and typo error message in arguments parser. by @cmsxbc in #237
    Tab completion (#204) by @JezerM in #230
    Slideshow images loaded when needed (#241) by @JezerM in #242
    feat(control char): add basic control char support by @cmsxbc in #238
    build: disable debug and sanitizers by default by @alanswanson in #251
    Shell command options for media keys by @jclds139 in #256
    Support for XF86AudioMicMute by @kwesthaus in #273
    Fix: Remove breaking space in zsh completion by @kwesthaus in #274
jperkin pushed a commit that referenced this issue Jul 20, 2024
Changelog:
Tomcat 9.0.91 (remm)

Catalina

  * Fix: Allow JAASRealm to use the configuration source to load a configured
    configFile, for easier use with testing. (remm)
  * Fix: Add missing algorithm callback to the JAASCallbackHandler. (remm)
  * Fix: 69131: Expand the implementation of the filter value of the
    Authenticator attribute allowCorsPreflight, so that it applies to all
    requests that match the configured URL patterns for the CORS filter, rather
    than only applying if the CORS filter is mapped to /*. (markt)

Coyote

  * Fix: Improve the algorithm used to identify the IP address to use to unlock
    the acceptor thread when a Connector is listening on all local addresses.
    Interfaces that are configured for point to point connections or are not
    currently up are now skipped. (markt)
  * Fix: 69121: Ensure that the onComplete() event is triggered if
    AsyncListener.onError() dispatches to a target that throws an exception.
    (markt)
  * Fix: Following the trailer header field refactoring, -1 is no longer an
    allowed value for maxTrailerSize. Adjust documentation accordingly. (remm)

Jasper

  * Fix: Update the optimisation in jakarta.el.ImportHandler so it is aware of
    new classes added to the java.lang package in Java 23. (markt)
  * Fix: Ensure that an exception in toString() still results in an ELException
    when an object is coerced to a String using ExpressionFactory.coerceToType
    (). (markt)
  * Add: Add support for specifying Java 24 (with the value 24) as the compiler
    source and/or compiler target for JSP compilation. If used with an Eclipse
    JDT compiler version that does not support these values, a warning will be
    logged and the default will used. (markt)
  * Fix: 69135: When using include directives in a tag file packaged in a JAR
    file, ensure that context relative includes are processed correctly.
    (markt)
  * Fix: 69135: When using include directives in a tag file packaged in a JAR
    file, ensure that file relative includes are processed correctly. (markt)
  * Fix: 69135: When using include directives in a tag file packaged in a JAR
    file, ensure that file relative includes are are not permitted to access
    files outside of the /META_INF/tags/ directory nor outside of the JAR file.
    (markt)

Web applications

  * Fix: Fix status servlet detailed view of the connectors when using
    automatic port. (remm)

Other

  * Update: Add test-only build target to allow running only the testsuite,
    supporting Java versions down to the minimum supported to run Tomcat.
    (rjung)
  * Update: Update UnboundID to 7.0.1. (markt)
  * Update: Update to SpotBugs 4.8.6. (markt)
  * Update: Remove cglib dependency as it is not required by the version of
    EasyMock used by the unit tests. (markt)
  * Update: Update EasyMock to 5.3.0. This adds a test dependency on Byte-Buddy
    1.14.17. (markt)
  * Add: Improvements to Czech translations by Vladimi'r Chlup. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)
  * Add: Improvements to Chinese translations by fangzheng. (markt)

2024-06-19 Tomcat 9.0.90 (remm)

Catalina

  * Add: Add support for shallow copies when using WebDAV. (markt)
  * Code: Deprecate the WebdavFixFilter as it is no longer required. (markt)
  * Fix: 69066: Fix regression in SPNEGO authenticator when processing Base64.
    Submitted by Daniel Lyko. (remm)
  * Update: Update minimum recommended version of Tomcat Native to 1.3.0. Pull
    request #728 provided by Dimitrios Soumis. (markt)
  * Update: The system property org.apache.catalina.connector.RECYCLE_FACADES
    will now default to true if not specified, which will in turn set the
    default value for the discardFacades connector attribute, thus causing
    facade objects to be discarded by default. (remm)
  * Add: Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext) for
    retrieving extended/additional information from an established GSS context.
    (michaelo)
  * Fix: Correct a regression in the fix for 68721 that caused some instances
    of LinkageError to be reported as ClassNotFoundException. (markt)
  * Fix: Ensure that static resources deployed via a JAR file remain accessible
    when the context is configured to use a bloom filter. Based on pull request
    #730 provided by bergander. (markt)
  * Add: Introduce reference counting so the AprLifecycleListener is more
    robust. This particularly targets more complex embedded configurations with
    multiple server instances with independent lifecycles where more than one
    server instance requires the AprLifecycleListener. (markt)

Coyote

  * Fix: 69068: Ensure read timouts are triggered for asynchronous,
    non-blocking reads when using HTTP/2. (markt)
  * Update: 69133: Add task queue size configuration on the Connector element,
    similar to the Executor element, for consistency. (remm)
  * Fix: Make counting of active HTTP/2 streams per connection more robust.
    (markt)
  * Add: Add support for TLS 1.3 client initiated re-keying. (markt)

Jasper

  * Fix: 68546: Small additional optimisation for initial loading of Servlet
    code generated for JSPs. Based on a suggestion by Dan Armstrong. (markt)

Web applications

  * Add: Add the ability to set a sub-title for the Manager web application
    main page. This is intended to allow users with lots of instances to easily
    distinguish them. Based on pull request #724 by Simon Arame. (markt)

Other

  * Update: Revert Derby to 10.16.1.1 as that is the latest version of Derby
    that runs on Java 17. (markt)
  * Update: Update to Commons Daemon 1.4.0. (markt)
  * Update: Update to Objenesis 3.4. (markt)
  * Update: Update to Checkstyle 10.17.0. (markt)
  * Update: Update to SpotBugs 4.8.5. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)

2024-05-07 Tomcat 9.0.89 (remm)

Catalina

  * Update: Deprecate and remove sessionCounter (replaced by the addition of
    the active session count and the expired session count, as a reasonable
    approximation) and duplicates (which does not represent a possible event in
    current implementations) statistics from the session manager. (remm)
  * Fix: 68890 Align output encoding of JSPs in the Manager webapp with the XML
    declarations in those same files. (schultz)
  * Fix: Update Basic authentication to implement the requirements of RFC 7617
    including the changing of the trimCredentials setting which is now defaults
    to false. Note that the trimCredentials setting will be removed in Tomcat
    11. (markt)
  * Add: Small performance optimization when logging cookies with no values.
    (schultz)
  * Fix: Correct error handling for asynchronous requests. If the application
    performs an dispatch during AsyncListener.onError() the dispatch is now
    performed rather than completing the request using the error page
    mechanism. (markt)
  * Fix: Fix WebDAV lock null (locks for non existing resources) thread safety
    and removal. (remm)
  * Fix: Add periodic checking for WebDAV locks expiration. (remm)
  * Fix: Extend Asn1Parser to parse UTF8Strings. (michaelo)

Coyote

  * Fix: Align non-secure and secure writes with NIO and skip the write attempt
    when there are no bytes to be written. (markt)
  * Fix: Allow any positive value for socket.unlockTimeout. If a negative or
    zero value is configured, the default of 250ms will be used. (mark)
  * Fix: Reduce the time spent waiting for the connector to unlock. The
    previous default of 10s was noticeably too long for cases where the unlock
    has failed. The wait time is now 100ms plus twice socket.unlockTimeout.
    (markt)
  * Fix: Ensure that the onAllDataRead() event is triggered when the request
    body uses chunked encoding and is read using non-blocking IO. (markt)
  * Fix: 68934: Add debug logging in the latch object when exceeding
    maxConnections. (remm)
  * Fix: Refactor trailer field handling to use a MimeHeaders instance to store
    trailer fields. (markt)
  * Fix: Ensure that multiple instances of the same trailer field are handled
    correctly. (markt)
  * Fix: Fix non-blocking reads of chunked request bodies. (markt)
  * Fix: When an invalid HTTP response header was dropped, an off-by-one error
    meant that the first header in the response was also dropped. Fix based on
    pull request #710 by foremans. (markt)

Jasper

  * Add: Add support for specifying Java 23 (with the value 23) as the compiler
    source and/or compiler target for JSP compilation. If used with an Eclipse
    JDT compiler version that does not support these values, a warning will be
    logged and the default will used. (markt)

WebSocket

  * Fix: 68884: Reduce the write timeout when writing WebSocket close messages
    for abnormal closes. The timeout defaults to 50 milliseconds and may be
    controlled using the
    org.apache.tomcat.websocket.ABNORMAL_SESSION_CLOSE_SEND_TIMEOUT property in
    the user properties collection associated with the WebSocket session.
    (markt)

Web applications

  * Fix: Examples: Improve performance of WebSocket chat application when
    multiple clients disconnect at the same time. (markt)
  * Update: Examples: Increase the number of previous messages displayed when
    using the WebSocket chat application. (markt)
  * Fix: Examples: Improve performance of WebSocket snake application when
    multiple clients disconnect at the same time. (markt)

Other

  * Update: Switch to using the Base64 encoder and decoder provided by the JRE
    rather than the version provided by Commons Codec. The internal fork of
    Commons Codec has been deprecated and will be removed in Tomcat 11. (markt)
  * Update: Update NSIS to 3.10. (mark0t)
  * Update: Update UnboundID to 7.0.0. (markt)
  * Update: Update Checkstyle to 10.16.0. (markt)
  * Update: Update JaCoCo to 0.8.12. (markt)
  * Update: Update SpotBugs to 4.8.4. (markt)
  * Update: Update the internal fork of Apache Commons BCEL to 6.9.0. (markt)
  * Update: Update the internal fork of Apache Commons DBCP to 2.12.0. (markt)
  * Add: Improvements to Japanese translations by tak7iji. (markt)

2024-04-16 Tomcat 9.0.88 (remm)

Catalina

  * Update: Add highConcurrencyStatus attribute to the SemaphoreValve to
    optionally allow the valve to return an error status code to the client
    when a permit cannot be acquired from the semaphore. (remm)
  * Add: Add checking of the "age" of the running Tomcat instance since its
    build-date to the SecurityListener, and log a warning if the server is old.
    (schultz)
  * Fix: When using the AsyncContext, throw an IllegalStateException, rather
    than allowing an NullPointerException, if an attempt is made to use the
    AsyncContext after it has been recycled. (markt)
  * Fix: Change the thread-safety mechanism for protecting
    StandardServer.services from a simple synchronized lock to a
    ReentrantReadWriteLock to allow multiple readers to operate simultaneously.
    Based upon a suggestion by Markus Wolfe. (schultz)
  * Fix: Improve Service connectors, Container children and Service executors
    access sync using a ReentrantReadWriteLock. (remm)
  * Fix: Improve handling of integer overflow if an attempt is made to upload a
    file via the Servlet API and the file is larger than Integer.MAX_VALUE.
    (markt)
  * Fix: 68862: Handle possible response commit when processing read errors.
    (remm)

Coyote

  * Fix: Add threadsMaxIdleTime attribute to the endpoint, to allow configuring
    the amount of time before an internal executor will scale back to the
    configured minSpareThreads size. (remm)

Jasper

  * Fix: Handle the case where the JSP engine forwards a request/response to a
    Servlet that uses an OutputStream rather than a Writer. This was triggering
    an IllegalStateException on code paths where there was a subsequent attempt
    to obtain a Writer. (markt)
  * Fix: Correctly handle the case where a tag library is packaged in a JAR
    file and the web application is deployed as a WAR file rather than an
    unpacked directory. (markt)
  * Fix: Prevent the web application's ClassLoader from being pinned by the JSP
    compiler if an application uses a custom XMLInputFactory. Based upon a
    suggestion from Simon Niederberger. (schultz)

Other

  * Update: Update Checkstyle to 10.14.1. (markt)
  * Update: Update the internal fork of Apache Commons BCEL to 6.8.2. (markt)
  * Update: Update the internal fork of Apache Commons Codec to 1.16.1. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (remm)
  * Add: Improvements to Chinese translations by leeyazhou. (remm)

2024-03-14 Tomcat 9.0.87 (remm)

Catalina

  * Fix: Minor performance improvement for building filter chains. Based on
    ideas from pull request #702 by Luke Miao. (remm)
  * Fix: Align error handling for Writer and OutputStream. Ensure use of either
    once the response has been recycled triggers a NullPointerException
    provided that discardFacades is configured with the default value of true.
    (markt)
  * Fix: 68692: The standard thread pool implementations that are configured
    using the Executor element now implement ExecutorService for better support
    NIO2. (remm)
  * Fix: 68495: When restoring a saved POST request after a successful FORM
    authentication, ensure that neither the URI, the query string nor the
    protocol are corrupted when restoring the request body. (markt)
  * Fix: 68721: Workaround a possible cause of duplicate class definitions when
    using ClassFileTransformers and the transformation of a class also triggers
    the loading of the same class. (markt)
  * Fix: The rewrite valve should not do a rewrite if the output is identical
    to the input. (remm)
  * Update: Add a new valveSkip (or VS) rule flag to the rewrite valve to allow
    skipping over the next valve in the Catalina pipeline. (remm)

Coyote

  * Fix: Improve the HTTP/2 stream prioritisation process. If a stream uses all
    of the connection windows and still has content to write, it will now be
    added to the backlog immediately rather than waiting until the write
    attempt for the remaining content. (markt)
  * Fix: Correct a regression in the support for user provided SSLContext
    instances that broke the
    org.apache.catalina.security.TLSCertificateReloadListener. (markt)

Jasper

  * Add: Add support for specifying Java 22 (with the value 22) as the compiler
    source and/or compiler target for JSP compilation. If used with an Eclipse
    JDT compiler version that does not support these values, a warning will be
    logged and the default will used. (markt)

Cluster

  * Fix: Avoid updating request count stats on async. (remm)

Other

  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)
  * Fix: 57130: Allow digest.(sh|bat) to accept password from a file or stdin.
    (csutherl/schultz)

2024-02-19 Tomcat 9.0.86 (remm)

Catalina

  * Fix: Correct JPMS and OSGi meta-data for tomcat-enbed-core.jar by removing
    reference to org.apache.catalina.ssi package that is no longer included in
    the JAR. Based on pull request #684 by Jendrik Johannes. (markt)
  * Fix: Fix ServiceBindingPropertySource so that trailing \r\n sequences are
    correctly removed from files containing property values when configured to
    do so. Bug identified by Coverity Scan. (markt)
  * Add: Add improvements to the CSRF prevention filter including the ability
    to skip adding nonces for resource name and subtree URL patterns. (schultz)
  * Fix: Review usage of debug logging and downgrade trace or data dumping
    operations from debug level to trace. (remm)
  * Fix: 68089: Further improve the performance of request attribute access for
    ApplicationHttpRequest and ApplicationRequest. (markt)
  * Fix: 68559: Allow asynchronous error handling to write to the response
    after an error during asynchronous processing. (markt)

Coyote

  * Fix: Make asynchronous error handling more robust. Ensure that once a
    connection is marked to be closed, further asynchronous processing cannot
    change that. (markt)
  * Fix: Make asynchronous error handling more robust. Ensure that once the
    call to AsyncListener.onError() has returned to the container, only
    container threads can access the AsyncContext. This protects against
    various race conditions that woudl otherwise occur if application threads
    continued to access the AsyncContext.
  * Fix: Review usage of debug logging and downgrade trace or data dumping
    operations from debug level to trace. In particular, most of the HTTP/2
    debug logging has been changed to trace level. (remm)
  * Fix: Add support for user provided SSLContext instances configured on
    SSLHostConfigCertificate instances. Based on pull request #673 provided by
    Hakan Alt??nda?. (markt)
  * Fix: Improve the Tomcat Native shutdown process to reduce the likelihood of
    a JVM crash during Tomcat shutdown. (markt)
  * Fix: Partial fix for 68558: Cache the result of converting to String for
    request URI, HTTP header names and the request Content-Type value to
    improve performance by reducing repeated byte[] to String conversions.
    (markt)
  * Fix: Improve error reporting to HTTP/2 clients for header processing errors
    by reporting problems at the end of the frame where the error was detected
    rather than at the end of the headers. (markt)
  * Fix: Remove the remaining reference to a stream once the stream has been
    recycled. This makes the stream eligible for garbage collection earlier and
    thereby improves scalability. (markt)

Jasper

  * Fix: 68546: Generate optimal size and types for JSP imports maps, as
    suggested by John Engebretson. (remm)
  * Fix: Review usage of debug logging and downgrade trace or data dumping
    operations from debug level to trace. (remm)

WebSocket

  * Fix: Correct a regression in the fix for 66508 that could cause an
    UpgradeProcessor leak in some circumstances. (markt)
  * Fix: Review usage of debug logging and downgrade trace or data dumping
    operations from debug level to trace. (remm)
  * Fix: Ensure that WebSocket connection closure completes if the connection
    is closed when the server side has used the proprietary suspend/resume
    feature to suspend the connection. (markt)

Web applications

  * Add: Add support for responses in JSON format from the examples application
    RequestHeaderExample. (schultz)

Other

  * Update: Update Checkstyle to 10.13.0. (markt)
  * Update: Update JSign to 6.0. (markt)
  * Update: Add strings for debug level messages. (remm)
  * Update: Update Tomcat Native to 1.3.0. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)

2024-01-09 Tomcat 9.0.85 (remm)

Catalina

  * Update: 68378: Align extension to MIME type mappings in the global web.xml
    with those in httpd by adding application/vnd.geogebra.slides for ggs, text
    /javascript for mjs and audio/ogg for opus. (markt)

Coyote

  * Fix: Refactor the VirtualThreadExecutor so that it can be used by the NIO2
    connector which was using platform threads even when configured to use
    virtual threads. (markt)
  * Fix: Correct a regression in the fix for 67675 that broke TLS key file
    parsing for PKCS#8 format keys that do not specify an explicit
    pseudo-random function and rely on the default. This typically affects keys
    generated by OpenSSL 1.0.2. (markt)
  * Fix: Allow multiple operations with the same name on introspected mbeans,
    fixing a regression caused by the introduction of a second addSslHostConfig
    method. (remm)
  * Fix: Relax the check that the HTTP Host header is consistent with the host
    used in the request line, if any, to make the check case insensitive since
    host names are case insensitive. (markt)
  * Add: 68348: Add support for the partitioned attribute for cookies. (markt)

Web Applications

  * Fix: 68035: Additional fix to the Manager application to enable the
    deployment of a web application located in a Host's appBase where the web
    application is specified by a bare (no path) WAR or directory name as shown
    in the documentation. (markt)

Other

  * Update: Update Checkstyle to 10.12.7. (markt)
  * Update: Update SpotBugs to 4.8.3. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)

2023-12-12 Tomcat 9.0.84 (remm)

Catalina

  * Fix: Background processes should not be run concurrently with lifecycle
    operations of a container. (remm)
  * Fix: Correct unintended escaping of XML in some WebDAV responses. The XML
    list of support locks when provided in response to a PROPFIND request was
    incorrectly XML escaped. (markt)
  * Fix: 68227: Ensure that AsyncListener.onComplete() is called if
    AsyncListener.onError() calls AsyncContext.dispatch(). (markt)
  * Fix: 68228: Use a 408 status code if a read timeout occurs during HTTP
    request processing. Includes a test case based on code provided by
    adwsingh. (markt)

Jasper

  * Code: 68119: Refactor the CompositeELResolver to improve performance during
    type conversion operations. (markt)

Web Applications

  * Fix: Examples. Improve the error handling so snakes associated with a user
    that drops from the network are removed from the game. (markt)

Other

  * Update: Update UnboundID to 6.0.11. (markt)
  * Update: Update Checkstyle to 10.12.5. (markt)
  * Update: Update SpotBugs to 4.8.2. (markt)
  * Update: Update Derby to 10.17.1. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)
  * Add: Improvements to Brazilian Portuguese translations by John William
    Vicente. (markt)
  * Add: Improvements to Russian translations by usmazat and remm. (markt)

2023-11-15 Tomcat 9.0.83 (remm)

Catalina

  * Fix: 67667: TLSCertificateReloadListener prints unreadable rendering of
    X509Certificate#getNotAfter(). (michaelo)
  * Update: The status servlet included in the manager webapp can now output
    statistics as JSON, using the JSON=true URL parameter. (remm)
  * Update: Optionally allow ServiceBindingPropertySource to trim a trailing
    newline from a file containing a property-value. (schultz)
  * Fix: 67793: Ensure the original session timeout is restored after FORM
    authentication if the user refreshes a page during the FORM authentication
    process. Based on a suggestion by Mircea Butmalai. (markt)
  * Update: 67926: PEMFile prints unidentifiable string representation of ASN.1
    OIDs. (michaelo)
  * Fix: 66875: Ensure that setting the request attribute
    jakarta.servlet.error.exception is not sufficient to trigger error handling
    for the current request and response. (markt)
  * Fix: 68054: Avoid some file canonicalization calls introduced by the fix
    for 65433. (remm)
  * Fix: 68089: Improve performance of request attribute access for
    ApplicationHttpRequest and ApplicationRequest. (markt)
  * Fix: Use a 400 status code to report an error due to a bad request (e.g. an
    invalid trailer header) rather than a 500 status code. (markt)
  * Fix: Ensure that an IOException during the reading of the request triggers
    always error handling, regardless of whether the application swallows the
    exception. (markt)

Coyote

  * Add: 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#
    certificateKeystorePasswordFile. (michaelo)
  * Add: When calling SSLHostConfigCertificate.setCertificateKeystore(ks),
    automatically call setCertificateKeystoreType(ks.getType()). (markt)
  * Fix: 67628: Clarify how the ciphers attribute of the SSLHostConfig is used.
    (markt)
  * Fix: 67666: Ensure TLS connectors using PEM files either work with the
    TLSCertificateReloadListener or, in the rare case that they do not, log a
    warning on Connector start. (markt)
  * Fix: 67675: Support a wider range of KDF and ciphers for PEM files than the
    combinations supported by the JVM by default. Specifically, support the
    OpenSSL default of HmacSHA256 and DES-EDE3-CBC. (markt)
  * Fix: 67927: Reloading TLS configuration can cause the Connector to refuse
    new connections or the JVM to crash. (markt)
  * Fix: 67934: If both Tomcat Native 1.2.x and 2.0.x are available, prefer
    1.2.x since it supports the APR/Native connector whereas 2.0.x does not.
    (markt)
  * Fix: 67938: Correct handling of large TLS client hello messages that were
    causing the TLS handshake to fail. (markt)
  * Fix: 68026: Convert selected MessageByte values to String when first
    accessed to speed up subsequent accesses and reduce garbage collection.
    (markt)

Jasper

  * Fix: 68068: Performance improvement for EL. Based on a suggestion by John
    Engebretson. (markt)

Web applications

  * Fix: 68035: Correct a regression in the fix for 56248 that prevented
    deployment via the Manager of a WAR or directory that was already present
    in the appBase or a context file that was already present in the xmlBase.
    (markt)

Other

  * Add: 67538: Make use of Ant's <javaversion /> task to enfore the mininum
    Java build version. (michaelo)
  * Update: Update Checkstyle to 10.12.4. (markt)
  * Update: Update JaCoCo to 0.8.11. (markt)
  * Update: Update SpotBugs to 4.8.0. (markt)
  * Update: Update BND to 7.0.0. (markt)
  * Update: The minimum Java version required to build Tomcat has been raised
    to Java 17. (markt)

2023-10-13 Tomcat 9.0.82 (remm)

Coyote

  * Fix: 67670: Fix regression with HTTP compression after code refactoring.
    (remm)

jdbc-pool

  * Fix: 67664: Correct a regression in the clean-up of unnecessary use of
    fully qualified class names in 9.0.81 that broke the jdbc-pool. (markt)

2023-10-10 Tomcat 9.0.81 (remm)

Catalina

  * Add: 65770: Provide a lifecycle listener that will automatically reload TLS
    configurations a set time before the certificate is due to expire. This is
    intended to be used with third-party tools that regularly renew TLS
    certificates. (markt)
  * Fix: Fix handling of an error reading a context descriptor on deployment.
    (remm)
  * Fix: Fix rewrite rule qsd (query string discard) being ignored if qsa was
    also use, while it should instead take precedence. (remm)
  * Fix: 67472: Send fewer CORS-related headers when CORS is not actually being
    engaged. (schultz)
  * Add: Improve handling of failures within recycle() methods. (markt)

Coyote

  * Fix: 67198: Ensure that the AJP connector attribute tomcatAuthorization
    takes precedence over the tomcatAuthentication attribute when processing an
    auth_type attribute received from a proxy server. (markt)
  * Fix: 67235: Fix a NullPointerException when an AsyncListener handles an
    error with a dispatch rather than a complete. (markt)
  * Fix: When an error occurs during asynchronous processing, ensure that the
    error handling process is only triggered once per asynchronous cycle.
    (markt)
  * Fix: Fix logic issue trying to match no argument method in
    IntropectionUtil. (remm)
  * Fix: Improve thread safety around readNotify and writeNotify in the NIO2
    endpoint. (remm)
  * Fix: Avoid rare thread safety issue accessing message digest map. (remm)
  * Fix: Improve statistics collection for upgraded connections under load.
    (remm)
  * Fix: Align validation of HTTP trailer fields with standard fields. (markt)
  * Fix: Improvements to HTTP/2 overhead protection. (markt)

Jasper

  * Fix: 67080: Improve performance of EL expressions in JSPs that use implicit
    objects. Based on suggestions by John Engebretson, Anurag Dubey and
    Christopher Schultz. (markt)

Other

  * Update: Update the internal fork of Apache Commons FileUpload to 7a8c324
    (2023-09-16, 1.x-SNAPSHOT). Due to significant refactoring in the 2.x
    branch requiring additional Commons IO dependencies, Tomcat has switched to
    tracking the 1.x branch. (markt)
  * Add: Add the Bundle-License header to the JAR manifest for all Tomcat JARs.
    (markt)
  * Update: Update UnboundID to 6.0.10. (markt)
  * Update: Update Checkstyle to 10.12.3. (markt)
  * Update: Update Tomcat Native to 1.2.39 to pick up Windows binaries built
    with OpenSSL 3.0.11. (markt)
  * Update: Update Commons Pool to 2.12.0. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)
  * Add: Improvements to Russian translations by usmazat. (markt)

2023-08-25 Tomcat 9.0.80 (markt)

Catalina

  * Fix: If an application or library sets both a non-500 error code and the
    javax.servlet.error.exception request attribute, use the provided error
    code during error page processing rather than assuming an error code of
    500. (markt)
  * Fix: Update code comments and Tomcat output to use MiB for 1024 * 1024
    bytes and KiB for 1024 bytes rather than MB and kB. (martk)
  * Fix: Avoid protocol relative redirects in FORM authentication. (markt)

Web applications

  * Fix: Documentation. Update documentation to use MiB for 1024 * 1024 bytes
    and KiB for 1024 bytes rather than MB and kB. (martk)

Other

  * Add: Improvements to Chinese translations. (lihan)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)

2023-08-15 Tomcat 9.0.79 (remm)

Catalina

  * Fix: Fix potential database connection leaks in DataSourceUserDatabase
    identified by Coverity Scan. (markt)
  * Fix: Make parsing of ExtendedAccessLogValve patterns more robust. (markt)
  * Fix: Fix failure trying to persist configuration for an internal credential
    handler. (remm)
  * Fix: 66680: When serializing a session during the session presistence
    process, do not log a warning that null Principals are not serializable.
    Pull request #638 provided by tsryo. (markt)
  * Fix: Catch NamingException in JNDIRealm#getPrincipal. It is used in Java up
    to 17 to signal closed connections. (fschumacher)
  * Fix: 66822: Use the same naming format in log messages for Connector
    instances as the associated ProtocolHandler instance. (markt)
  * Fix: The parts count should also lower the actual maxParameterCount used
    for parsing parameters if parts are parsed first. (remm)

Coyote

  * Fix: Refactor blocking reads and writes for the NIO connector to remove
    code paths that could allow a notification from the Poller to be missed
    resuting in a timeout rather than the expected read or write. (markt)
  * Fix: Refactor waiting for an HTTP/2 stream or connection window update to
    handle spurious wake-ups during the wait. (markt)
  * Fix: Correct a regression introduced in 9.0.78 and use the correct constant
    when constructing the default value for the certificateKeystoreFile
    attribute of an SSLHostConfigCertificate instance. (markt)
  * Code: Refactor HTTP/2 implementation to reduce pinning when using virtual
    threads. (markt)
  * Fix: Pass through ciphers referring to an OpenSSL profile, such as PROFILE=
    SYSTEM instead of producing an error trying to parse it. (remm)
  * Fix: 66841: Ensure that AsyncListener.onError() is called after an error
    during asynchronous processing with HTTP/2. (markt)
  * Fix: 66842: When using asynchronous I/O (the default for NIO and NIO2),
    include DATA frames when calculating the HTTP/2 overhead count to ensure
    that connections are not prematurely terminated. (markt)
  * Fix: Correct a race condition that could cause spurious RST messages to be
    sent after the response had been written to an HTTP/2 stream. (markt)

WebSocket

  * Fix: 66681: Fix a NullPointerException when flushing batched messages with
    compression enabled using permessage-deflate. (markt)

jdbc-pool

  * Fix: Fix the releaseIdleCounter does not increment when testAllIdle
    releases them. Pull request #241 provided by Arun Chaitanya Miriappalli
    (lihan)
  * Fix: Fix the ConnectionState state will be inconsistent with actual state
    on the connection when an exception occurs while writing. Pull request #643
    provided by Wenjun Xiao. (lihan)

Other

  * Fix: Align documentation for maxParameterCount to match hard-coded
    defaults. Contributed by Michal Sobkiewicz. (schultz)
  * Update: Update NSIS to 3.09. (markt)
  * Update: Update Checkstyle to 10.12.2. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations. Contributed by tak7iji and
    Shirayuking. (markt)
  * Fix: 66829: Fix quoting so users can use the _RUNJAVA environment variable
    as intended on Windows when the path to the Java executable contains
    spaces. (markt)
  * Update: Update Tomcat Native to 1.2.38 to pick up Windows binaries built
    with OpenSSL 1.1.1v. (markt)

2023-07-10 Tomcat 9.0.78 (remm)

Other

  * Fix: Correct properties for JSign dependency. (rjung)

not released Tomcat 9.0.77 (remm)

Catalina

  * Add: 59232: Add org.apache.catalina.core.ContextNamingInfoListener, a
    listener which creates context naming information environment entries.
    (michaelo)
  * Add: 66665: Add org.apache.catalina.core.PropertiesRoleMappingListener, a
    listener which populates the context's role mapping from a properties file.
    (michaelo)
  * Fix: Fix an edge case where intra-web application symlinks would be
    followed if the web applications were deliberately crafted to allow it even
    when allowLinking was set to false. (markt)
  * Update: Add utlity config file resource lookup on Context to allow looking
    up resources from the webapp (prefixed with webapp:) and make the resource
    lookup API more visible. (remm)

Coyote

  * Fix: 66627: Restore the documented behaviour of MessageBytes.getType() that
    it returns the type of the original content rather than reflecting the most
    recent conversion. (markt)
  * Fix: 66635: Correct certificate logging on start-up so it differentiates
    between keystore based keys/certificates and PEM file based keys/
    certificates and logs the relevant information for each. (markt)

WebSocket

  * Fix: Improve handling of error conditions for the WebSocket server,
    particularly during Tomcat shutdown. (markt)
  * Fix: Correct a regression in the fix for 66574 that meant the WebSocket
    session could return false for onOpen() before the onClose() event had been
    completed. (markt)

Web applications

  * Add: Documentation. Expand the security guidance to cover the embedded use
    case and add notes on the uses made of the java.io.tmpdir system property.
    (markt)
  * Fix: 66662: Documentation. Fix a typo in the name of the algorithms
    attribute in the configuration section for the Digest authentication valve.
    Pull request #629 provided by gohilmca. (markt)

Other

  * Add: Include the Windows specific binary distributions in the files
    uploaded to Maven Central. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations. Contributed by tak7iji. (markt)
  * Update: Update UnboundID to 6.0.9. (markt)
  * Update: Update Checkstyle to 10.12.1. (markt)
  * Update: Update BND to 6.4.1. (markt)
  * Update: Update JSign to 5.0. (markt)

2023-06-09 Tomcat 9.0.76 (remm)

Catalina

  * Add: Add RateLimitFilter which can be used to mitigate DoS and Brute Force
    attacks. (isapir)
  * Code: Move the management of the utility executor from the init()/destroy()
    methods of components to the start()/stop() methods. (markt)
  * Add: Add org.apache.catalina.core.StandardVirtualThreadExecutor, a virtual
    thread based executor that may be used with one or more Connectors to
    process requests received by those Connectors using virtual threads. This
    Executor requires a minimum Java version of Java 21. (markt)
  * Fix: 66513: Add a per session Semaphore to the PersistentValve that ensures
    that, within a single Tomcat instance, there is no more than one concurrent
    request per session. Also expand the debug logging to include whether a
    request bypasses the Valve and the reason if a request fails to obtain the
    per session Semaphore. (markt)
  * Fix: 66609: Ensure that the default servlet correctly escapes file names in
    directory listings when using XML output. Based on pull request #621 by
    Alex Kachanov. (markt)
  * Add: 66618: Add a numeric last modified field to the XML directory listings
    produced by the default servlet to enable sorting in the XSLT. Pull request
    #622 by Alex Kachanov. (markt)
  * Fix: 66621: Attempts to lock a collection with WebDAV may incorrectly fail
    if a child collection has an expired lock. (markt)
  * Fix: 66622: Deprecate the xssProtectionEnabled setting from the
    HttpHeaderSecurityFilter and change the default value to false as support
    for the associated HTTP header has been removed from all major browsers.
    (markt)

Coyote

  * Update: Update the HTTP/2 implementation to use the prioritization scheme
    defined in RFC 9218 rather than the one defined in RFC 7540. (markt)
  * Fix: 66602: not sending WINDOW_UPDATE when dataLength is ZERO on call
    SwallowedDataFramePayload. Pull request #619 by ledefe. (lihan)

WebSocket

  * Fix: 66548: Expand the validation of the value of the Sec-Websocket-Key
    header in the HTTP upgrade request that initiates a WebSocket connection.
    The value is not decoded but it is checked for the correct length and that
    only valid characters from the base64 alphabet are used. (markt)

Other

  * Update: Update to Commons Daemon 1.3.4. (markt)
  * Add: Improvements to French translations. (remm)
  * Update: Update Checkstyle to 10.12.0. (markt)
  * Update: Update the packaged version of the Apache Tomcat Native Library to
    1.2.37 to pick up the Windows binaries built with with OpenSSL 1.1.1u.
    (markt)

2023-05-10 Tomcat 9.0.75 (remm)

Catalina

  * Fix: 66567: Fix missing IllegalArgumentException after the Tomcat code was
    converted to using URI instead of URL. (remm)
  * Fix: Escape timestamp output in AccessLogValve if a SimpleDateFormat is
    used which contains verbatim characters that need escaping. (rjung)
  * Update: Change output of vertical tab in AccessLogValve from \v to \u000b.
    (rjung)
  * Update: Improve performance of escaping in AccessLogValve roughly by a
    factor of two. (rjung)
  * Update: Improve JsonAccessLogValve: support more patterns like for headers
    and attributes. Those will be logged as sub objects. (rjung)
  * Fix: #613: Fix possible partial corrupted file copies when using file
    locking protection or the manager servlet. Submitted by Jack Shirazi.
    (remm)

Coyote

  * Add: Add support for a new character set, gb18030-2022 - introduced in Java
    21, to the character set caching mechanism. (markt)
  * Fix: Fix an edge case in HTTP header parsing and ensure that HTTP headers
    without names are treated as invalid. (markt)
  * Update: Deprecate the HTTP Connector settings rejectIllegalHeader and
    allowHostHeaderMismatch as they have been removed in Tomcat 11 onwards.
    (markt)
  * Fix: 66591: Fix a regression introduced in the fix for 66512 that meant
    that an AJP Send Headers was not sent for responses where no HTTP headers
    were set. (markt)

Jasper

  * Fix: 66582: Account for EL having stricter requirements for static imports
    than JSPs when adding JSP static imports to the EL context. (markt)

WebSocket

  * Fix: 66574: Refactor WebSocket session close to remove the lock on the
    SocketWrapper which was a potential cause of deadlocks if the application
    code used simulated blocking. (markt)
  * Fix: 66575: Avoid unchecked use of the backing array of a buffer provided
    by the user in the compression transformation. (remm)
  * Fix: Improve exception handling when flushing batched messages during
    WebSocket session close. (markt)
  * Fix: 66581: Update AsyncChannelGroupUtil to align it with the current
    defaults for AsynchronousChannelGroup. Pull request #612 by Matthew
    Painter. (markt)

Other

  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Chinese translations. (lihan)
  * Update: Update Checkstyle to 10.10.0. (markt)
  * Update: Update Jacoco to 0.8.10. (markt)

2023-04-18 Tomcat 9.0.74 (remm)

Catalina

  * Fix: 65995: Implement RFC 9239 and use text/javascript as the media type
    for JavaScript rather than application/javascript. (markt)
  * Add: Add an access log valve that uses a json format. Based on pull request
    #539 provided by Thomas Meyer. (remm)
  * Add: Harden the FORM authentication process against DoS attacks by using a
    reduced session timeout if the FORM authentication process creates a
    session. The duration of this timeout is configured by the
    authenticationSessionTimeout attribute of the FORM authenticator. (markt)
  * Fix: 66527: Correct the Javadoc for the Tomcat.addWebapp() methods that
    incorrectly stated that the docBase parameter could be a relative path.
    (markt)
  * Fix: 66524 Correct eviction ordering in WebResource cache to be LRU as
    intended. (schultz)
  * Update: Use server.xml to reduce the default value of maxParameterCount
    from 10,000 to 1,000. If not configured in server.xml, the default remains
    10,000. (markt)
  * Add: Update Digest authentication support to align with RFC 7616. This adds
    a new configuration attribute, algorithms, to the DigestAuthenticator with
    a default of SHA-256,MD5. (markt)
  * Update: Add support code for custom user attributes in RealmBase. Based on
    code from #473 by Carsten Klein. (remm)
  * Fix: Expand the set of HTTP request headers considered sensitive that
    should be skipped when generating a response to a TRACE request. This
    aligns with 11.0.x. (markt)
  * Fix: 66541: Improve handling for cached resources for resources that use
    custom URL schemes. The scheme specific equals() and hashCode() algorithms,
    if present, will now be used for URLs for these resources. This addresses a
    potential performance issue with some OSGi custom URL schemes that can
    trigger potentially slow DNS lookups in some configurations. Based on a
    patch provided by Tom Whitmore. (markt)
  * Fix: When using a custom session manager deployed as part of the web
    application, avoid ClassNotFoundExceptions when validating session IDs
    extracted from requests. (markt)
  * Fix: 66543: Give StandardContext#fireRequestDestroyEvent its own log
    message. (fschumacher)
  * Fix: 66554: Initialize Random during server initialization to avoid
    possible JVM thread creation in the webapp context on some platforms.
    (remm)
  * Update: Make the server utility executor available to webapps using a
    Servlet context attribute named
    org.apache.tomcat.util.threads.ScheduledThreadPoolExecutor. (remm)

Coyote

  * Fix: JSON filter should support specific escaping for common special
    characters as defined in RFC 8259. Based on code submitted by Thomas Meyer.
    (remm)
  * Fix: 66511: Fix GzipOutputFilter (used for compressed HTTP responses) when
    used with direct buffers. Patch suggested by Arjen Poutsma. (markt)
  * Fix: 66512: Align AJP handling of invalid HTTP response headers (they are
    now removed from the response) with HTTP. (markt)
  * Fix: 66530: Correct a regression in the fix for bug 66442 that meant that
    streams without a response body did not decrement the active stream count
    when completing leading to ERR_HTTP2_SERVER_REFUSED_STREAM for some
    connections. (markt)
  * Code: Refactor synchronization blocks locking on SocketWrapper to use
    ReentrantLock to support users wishing to experiment with project Loom.
    (markt)

Jasper

  * Fix: 66536: Fix parsing of tag files that meant that tag directives could
    be ignored for some tag files. (markt)

Cluster

  * Fix: 66535: Redefine the maxValidTime attribute of FarmWarDeployer to be
    the maximum time allowed between receiving parts of a transferred file
    before the transfer is cancelled and the associated resources cleaned-up. A
    new warning message will be logged if the file transfer is cancelled.
    (markt)

WebSocket

  * Fix: 66508: When using WebSocket with NIO2, avoid waiting for a timeout
    before sending the close frame if an I/O error occurs during a write.
    (markt)

Other

  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations. Contributed by Shirayuking and
    tak7iji. (markt)
  * Add: Improvements to Chinese translations. Contributed by totoo. (markt)
  * Code: Refactor code using MD5Encoder to use HexUtils.toHexString(). (markt)
  * Fix: 66507: Fix a bug that $JAVA_OPTS is not passed to the jvm in
    catalina.sh when calling version. Patch suggested by Eric Hamilton. (lihan)
  * Update: Update the internal fork of Commons DBCP to f131286 (2023-03-08,
    2.10.0-SNAPSHOT). This corrects a regression introduced in 9.0.71. (markt)
  * Fix: Improve the error messages if JRE_HOME or JAVA_HOME are not set
    correctly. On windows, align the handling of JRE_HOME and JAVA_HOME for the
    start-up scripts and the service install script. (markt)
  * Update: Update UnboundID to 6.0.8. (markt)
  * Update: Update Checkstyle to 10.9.3. (markt)
  * Update: Update Jacoco to 0.8.9. (markt)
  * Fix: Enhance PEMFile to load from an InputStream. Patch provided by Romain
    Manni-Bucau. (schultz)

2023-03-03 Tomcat 9.0.73 (remm)

General

  * Fix: Fix a bug that memory allocation is larger than limit in
    SynchronizedStack to reduce memory footprint. (lihan)

Catalina

  * Add: Add support for txt: and rnd: rewrite map types from mod_rewrite.
    Based on a pull request #591 provided by Dimitrios Soumis. (remm)
  * Update: Provide a more appropriate response (501 rather than 400) when
    rejecting an HTTP request using the CONNECT method. (markt)
  * Fix: 66488: Correct a regression introduced in the fix for bug 66196 that
    meant that the HTTP headers and/or request line could get corrupted (one
    part overwriting another part) within a single request. (markt)

Coyote

  * Add: Add a check for the validity of the scheme pseudo-header in HTTP/2.
    (markt)
  * Fix: 66482: Restore inline state after async operation in NIO2, to account
    the fact that unexpected exceptions are sometimes thrown by the
    implementation. Patch submitted by zhougang. (remm)

2023-02-23 Tomcat 9.0.72 (remm)

Catalina

  * Fix: Allow a Valve to access cookies from a request that cannot be mapped
    to a Context. (markt)
  * Fix: Refactor uses of String.replaceAll() to use String.replace() where
    regular expressions where not being used. Pull request #581 provided by
    Andrei Briukhov. (markt)
  * Add: Add error report valve that allows redirecting to of proxying from an
    external web server. Based on code and ideas from pull request #506
    provided by Max Fortun. (remm)
  * Add: 66470: Add the Shared Address Space defined by RFC 6598 (100.64.0.0/
    10) to the regular expression used to identify internal proxies for the
    RemoteIpFilter and RemoteIpValve. (markt)
  * Fix: 66471: Fix JSessionId secure attribute missing When RemoteIpFilter
    determines that this request was submitted via a secure channel. (lihan)

Coyote

  * Add: Log basic information for each configured TLS certificate when Tomcat
    starts. (markt)
  * Fix: 66442: When an HTTP/2 response must not include a body, ensure that
    the end of stream flag is set on the headers frame and that no data frame
    is sent. (markt)
  * Fix: 66455: Fix the cause of a potential ClassCastException when processing
    a WINDOW_UPDATE frame on an HTTP/2 connection where the flow control window
    for the overall connection has been exhausted. (markt)
  * Fix: Fix a regression introduced in 9.0.65 that prevented HTTP/2
    connections from timing out when using a Connector configured with
    useAsyncIO=true (the default for NIO and NIO2). (markt)
  * Add: Provided dedicated loggers
    (org.apache.tomcat.util.net.NioEndpoint.certificate /
    org.apache.tomcat.util.net.Nio2Endpoint.certificate /
    org.apache.tomcat.util.net.AprEndpoint.certificate) for logging of
    configured TLS certificates. (markt)

Jasper

  * Fix: 66419: Fix calls from expression language to a method that accepts
    varargs when only one argument was passed. (markt)
  * Fix: 66441: Make imports of static fields in JSPs visible to any EL
    expressions used on the page. (markt)

Web applications

  * Fix: 66429: Documentation. Limit access to the documentation web
    application to localhost by default. (markt)
  * Fix: 66429: Examples. Limit access to the examples web application to
    localhost by default. (markt)

Other

  * Update: Update BND to 6.4.0. (markt)
  * Add: Improvements to Korean translations. (woonsan)
  * Update: Update the packaged version of the Apache Tomcat Native Library to
    1.2.36 to pick up the Windows binaries built with with OpenSSL 1.1.1t.
    (markt)

2023-01-13 Tomcat 9.0.71 (remm)

Catalina

  * Fix: 66388: Correct a regression in the refactoring that replaced the use
    of the URL constructors. The regression broke lookups for resources that
    contained one or more characters in their name that required escaping when
    used in a URI path. (markt)
  * Fix: 66392: Change the default value of AccessLogValve's file encoding to
    UTF-8 and update documentation. (lihan)
  * Fix: 66393: Align ExtendedAccessLogValve's x-P(XXX) with the documentation.
    (lihan)

Coyote

  * Fix: When resetting an HTTP/2 stream because the final response has been
    generated before the request has been fully read, use the HTTP/2 error code
    NO_ERROR so that client does not discard the response. Based on a
    suggestion by Lorenzo Dalla Vecchia. (markt)
  * Fix: 66196: Align HTTP/1.1 with HTTP/2 and throw an exception when
    attempting to commit a response with an header value that includes one or
    more characters with a code point above 255. (markt)
  * Fix: 66385: Correct a bug in HTTP/2 where a non-blocking read for a new
    frame with the NIO2 connector was incorrectly made using the read timeout
    leading to unexpected stream closure. (markt)

Jasper

  * Fix: 66370: Change the default of the
    org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED system property to true unless
    the EL library is running on Tomcat in which case the default remains false
    as the EL library is already called from within a privileged block and
    skipping the unnecessary privileged block improves performance. (markt)
  * Add: Add support for specifying Java 21 (with the value 21) as the compiler
    source and/or compiler target for JSP compilation. If used with an Eclipse
    JDT compiler version that does not support these values, a warning will be
    logged and the default will used. (markt)

Other

  * Update: Update the internal fork of Apache Commons BCEL to 2ee2bff
    (2023-01-03, 6.7.1-SNAPSHOT). (markt)
  * Update: Update the internal fork of Apache Commons Codec to 3eafd6c
    (2023-01-03, 1.16-SNAPSHOT). (markt)
  * Update: Update the internal fork of Apache Commons FileUpload to 34eb241
    (2023-01-03, 2.0-SNAPSHOT). (markt)
  * Update: Update the internal fork of Apache Commons DBCP to f131286
    (2023-01-03, 2.10.0-SNAPSHOT). (markt)
  * Add: Improvements to Japanese translations. Contributed by Shirayuking.
    (markt)
  * Add: Improvements to Portuguese translations. Contributed by Guilherme
    Custo'dio. (markt)
  * Update: Update Checkstyle to 10.6.0. (markt)
  * Update: Update Unboundid to 6.0.7. (markt)
  * Update: Update SpotBugs to 4.7.3. (markt)

2022-12-05 Tomcat 9.0.70 (remm)

Catalina

  * Fix: Correct the default implementation of
    HttpServletRequest.isTrailerFieldsReady() to return true so it is
    consistent with the default implementation of
    HttpServletRequest.getTrailerFields() and with the Servlet API provided by
    the Jakarta EE project. (markt)
  * Fix: Improve the behavior of the credential handler attribute that is set
    in the Servlet context so that it actually reflects what is used during
    authentication. (remm)
  * Fix: 66359: Update javadoc for RemoteIpValve and RemoteIpFilter with
    correct protocolHeader default value of "X-Forwarded-Proto". (lihan)

Coyote

  * Fix: When an HTTP/2 stream was reset, the current active stream count was
    not reduced. If enough resets occurred on a connection, the current active
    stream count limit was reached and no new streams could be created on that
    connection. (markt)

Web applications

  * Fix: 66348: Update the JARs listed in the class loader documentation and
    note which ones are optional. (markt)
  * Fix: Documentation. Replace references in the application developer's guide
    to CVS with more general references to a source code control system.
    (markt)

Other

  * Code: Refactor code base to replace use of URL constructors. While they are
    deprecated in Java 20 onwards, the reasons for deprecation are valid for
    all versions so move away from them now. (markt)
  * Update: Update the internal fork of Apache Commons BCEL to b015e90
    (2022-11-28, 6.7.0-RC1). (markt)
  * Update: Update the internal fork of Apache Commons Codec to ae32a3f
    (2022-11-29, 1.16-SNAPSHOT). (markt)
  * Update: Update to Commons Daemon 1.3.3. (markt)
  * Update: Update the internal fork of Apache Commons FileUpload to aa8eff6
    (2022-11-29, 2.0-SNAPSHOT). (markt)
  * Add: Improvements to Japanese translations. Contributed by Shirayuking and
    tak7iji. (markt)

2022-11-14 Tomcat 9.0.69 (remm)

Catalina

  * Add: 66209: Add a configuration option to allow bloom filters used to index
    JAR files to be retained for the lifetime of the web application. Prior to
    this addition, the indexes were always flushed by the periodic calls to
    WebResourceRoot.gc(). As part of this addition, configuration of archive
    indexing moves from Context to WebResourceRoot. Based on a patch provided
    by Rahul Jaisimha. (markt)
  * Fix: 66330: Correct a regression introduced when fixing 62897 that meant
    any value configured for skipMemoryLeakChecksOnJvmShutdown on the Context
    was ignored and the default was always used. (markt)
  * Fix: 66331: Fix a regression in refactoring for Stack on the
    SystemLogHandler which caught incorrect exception. (lihan)
  * Fix: 66338: Fix a regression that caused a nuance in refactoring for
    ErrorReportValve. (lihan)
  * Fix: Escape values used to construct output for the JsonErrorReportValve to
    ensure that it always outputs valid JSON. (markt)

Coyote

  * Fix: Correct the date format used with the expires attribute of HTTP
    cookies. A single space rather than a single dash should be used to
    separate the day, month and year components to be compliant with RFC 6265.
    (markt)
  * Add: Include the name of the current stream state in the error message when
    a stream is cancelled due to an attempt to write to the stream when it is
    in a state that does not permit writes. (markt)
  * Code: NIO writes never return -1 so refactor CLOSED_NIO_CHANNEL not to do
    so and remove checks for this return value. Based on #562 by tianshuang.
    (markt)
  * Code: Remove unnecessary code that exposed the asyncTimeout to components
    that never used it. (markt)

Jasper

  * Fix: 66294: Make the use of a privileged block to obtain the thread context
    class loader added to address 62080 optional and disabled by default. This
    is now controlled by the org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED
    system property. (markt)
  * Fix: 66325: Fix concurrency issue in evaluation of expression language
    containing lambda expressions. (markt)

jdbc-pool

  * Fix: 66346: Ensure all JDBC pool JARs are reproducible. Pull request #566
    provided by John Neffenger. (markt)

Other

  * Update: Update to Commons Daemon 1.3.2. (markt)
  * Add: Improvements to Chinese translations. Contributed by DigitalCat and
    lihan. (markt)
  * Add: Improvements to French translations. Contributed by Mathieu Bouchard.
    (markt)
  * Add: Improvements to Japanese translations. Contributed by Shirayuking.
    (markt)

2022-10-07 Tomcat 9.0.68 (markt)

Catalina

  * Fix: Update the RewriteValve to perform pattern matching using dotall mode
    to avoid unexpected behaviour if the URL includes encoded line terminators.
    (markt)

Coyote

  * Fix: 66276: Fix incorrect class cast when adding a descendant of HTTP/2
    streams. (lihan)
  * Fix: 66281: Fix unexpected timeouts that may appear as client
    disconnections when using HTTP/2 and NIO2. (markt)
  * Fix: Enforce the requirement of RFC 7230 onwards that a request with a
    malformed content-length header should always be rejected with a 400
    response. (markt)

Jasper

  * Fix: 66277: Fix regressions in refactoring from Stack ArrayDeque.
  * Add: Add support for specifying Java 20 (with the value 20) as the compiler
    source and/or compiler target for JSP compilation. If used with an Eclipse
    JDT compiler version that does not support these values, a warning will be
    logged and the default will used. (markt)

Web applications

  * Fix: Documentation. Document the nonceRequestParameterName attribute for
    the CsrfPreventionFilter. Based on #553 by Mert U:lkgu:n. (markt)

Other

  * Update: Update Objenesis to 3.2. (markt)
  * Update: Update UnboundID to 6.0.6. (markt)
  * Update: Update Checkstyle to 10.3.4. (markt)
  * Update: Update JaCoCo to 0.8.8. (markt)
  * Update: Update SpotBugs to 4.7.2. (markt)
  * Update: Update JSign to 4.2. (markt)
  * Update: Update Derby to 10.16.1.1. (markt)
  * Add: Improvements to Chinese translations. (markt)
  * Add: Improvements to Czech translations. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations. Contributed by tak7iji and
    Shirayuking. (markt)
  * Add: Improvements to Korean translations. (markt)
  * Add: Improvements to Spanish translations. (markt)

2022-09-26 Tomcat 9.0.67 (remm)

Coyote

  * Fix: Fix a regression in refactoring for Hashtables which caused mbeans to
    lose many of their attributes. (remm)

not released Tomcat 9.0.66 (remm)

Catalina

  * Fix: Correct handling of HTTP TRACE requests where there are multiple
    instances of an HTTP header with the same name. (markt)
  * Fix: Implement the requirements of RFC 7231 and do not include sensitive
    headers in responses to HTTP TRACE requests. (markt)
  * Fix: Implement the clarification in RFC 9110 that the units in HTTP range
    specifiers are case insensitive. (markt)
  * Fix: Properly-escape role and group information when writing
    MemoryUserDatabase to an XML file. (schultz)
  * Fix: Move control of XML-export logic from individual support classes into
    MemoryUserDatabase.save(). Deprecate and discontinue use of MemoryUser,
    MemoryRole, and MemoryGroup classes. (schultz)
  * Fix: 66183: When logging cookie values in an access log valve and there are
    multiple cookies with the same name, log all cookie values rather than just
    the first. Based on pull request #541 by Han Li. (markt)
  * Fix: 66184: Ensure that JULI root loggers have a default level of INFO.
    Pull request #533 provided by Piotr P. Karwasz. (markt)
  * Fix: Improve handling of stack overflow errors when parsing SSI
    expressions. (markt)
  * Fix: 66120: Enable FORM authentication to work correctly if session
    persistence and restoration occurs during the authentication process.
    (markt)
  * Fix: 66233: Include an error message when sending a 400 response because a
    request has too many cookies. (markt)
  * Fix: When web application deployment fails due to JARs with duplicate
    fragment names, improve the error message by listing the JARs that contain
    the duplicates. Based on pull request #535 by Mads Rolsdorph. (markt)
  * Fix: Replace logging thread for JULI's AsyncFileHandler with an executor to
    protect against failure of the logging thread. Based on pull request #545
    by Piotr P. Karwasz. (markt)

Coyote

  * Fix: Avoid potential NPE by skipping duplicate accept check when using a
    Unix Domain Socket. Based on #532 by Han Li. (markt)
  * Fix: Address an edge case in HTTP header parsing that allowed CRCRLF to be
    used as a valid line terminator. (markt)
  * Fix: Ensure HTTP/2 requests that include connection specific headers are
    rejected. (markt)
  * Fix: When processing HTTP/2 requests, allow a host header to be used in
    place of an :authority header. (markt)
  * Fix: When processing HTTP/2 requests, allow a host header and an :authority
    header to be present providing they are consistent. (markt)
  * Fix: When processing HTTP/2 requests, reject requests containing multiple
    host headers. (markt)
  * Fix: Make parsing of invalid filename directives in Content-Disposition
    headers more robust. Invalid filename directives will now be ignored rather
    than triggering a 500 response. (markt)
  * Fix: 66194: Log HTTP/2 stream closures (usually caused by client errors)
    via a UserDataHelper to broadly align it with the behaviour of HTTP/1.1 for
    parsing issues and exceeding limits. (markt)
  * Fix: 66236: Implement support for the special values zero and minus one
    when configuring maxSavePostSize for a Connector when used in conjunction
    with TLS renegotiation. (markt)
  * Fix: 66240: Avoid int overflow when parsing octets by limiting the maximum
    value to 255. Based on a PR #548 by Stefan Mayr. (lihan)
  * Fix: #550: Correctly handle case where a Servlet responds to a request with
    an expectation with a 2xx response without reading the request body. Pull
    request provided by Malay Shah. (markt)
  * Fix: #551: Avoid potential IndexOutOfBoundsException by fixing incorrect
    check when matching HTTP/2 preface. Submitted by ??????. (lihan)

Jasper

  * Fix: Improve handling of stack overflow errors when parsing EL expressions.
    (markt)
  * Fix: Correct parsing of integer and floating point literals in EL
    expressions so that larger values are correctly parsed to BigInteger and
    BigDecimal respectively. (markt)
  * Add: 66203: Log an error message when the JSP compiler is unable to create
    the output directory for the generated code. (markt)
  * Fix: 66235: Fix various issues with the bean resolver used for Graal.
    (remm)
  * Fix: Improve the performance of the ImportHandler in the Expression
    Language implementation. This removes a previous optimisation that is now
    detrimental rather than helpful. Pull request #547 provided by rmannibucau.
    (markt)
  * Fix: Improve handling of EL error messages so instances of Number are not
    formatted in unexpected ways. (markt/kkolinko)
  * Fix: Switch to using ELException rather than IllegalArgumentException when
    a type conversion fails during an EL arithmetic operation. This is an EL
    error so ELException seems more appropriate. (markt)
  * Fix: 66246: Fix JspC generates invalid web.xml due to incorrect header.
    (lihan)
  * Fix: Fix a bug in MethodExpression handling that triggered an error when
    invoking a static method on an instance of the class rather than directly
    on the class. (markt)
  * Fix: Use BigInteger.remainder() rather than BigInteger.mod() when
    performing the modulus operation for instances of BigInteger as part of an
    EL expression. (markt)

Cluster

  * Fix: To aid future additions of new functionality, rather than throw an
    IllegalArgumentException if a DeltaRequest is passed an unrecognised action
    type, a warning message will now be logged. (markt)
  * Fix: 66120: Enable FORM authentication to work correctly if session
    failover occurs during the authentication process. (markt)

WebSocket

  * Add: 62312: Add support for authenticating WebSocket clients with an HTTP
    forward proxy when establishing a connection to a WebSocket endpoint via a
    forward proxy that requires authentication. Based on a patch provided by
    Joe Mokos. (markt)

Other

  * Fix: Ensure that zip archives use UTC for file modification times to ensure
    repeatable builds across time zones. (markt)
  * Add: Improvements to Chinese translations. (lihan)
  * Add: Improvements to Czech translations. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to German translations. (markt)
  * Add: Improvements to Japanese translations. Contributed by tak7iji and
    Shirayuking. (markt)
  * Add: Improvements to Korean translations. Contributed by ????. (markt)
  * Add: Improvements to Russian translations. (markt)
  * Add: Improvements to Spanish translations. (markt)
  * Add: Further automation to the build process to reduce the number of manual
    steps that release managers must perform. (markt)

2022-07-20 Tomcat 9.0.65 (remm)

Catalina

  * Fix: 66104: Avoid error message by not trying to clean up old files from
    the logging directory before the directory has been created. Based on #521
    by HanLi. (markt)

Coyote…
jperkin pushed a commit that referenced this issue Jul 20, 2024
Changelog:
2024-03-25 Tomcat 8.5.100 (schultz)

Catalina

  * Fix: Align error handling for Writer and OutputStream. Ensure use of either
    once the response has been recycled triggers a NullPointerException
    provided that discardFacades is configured with the default value of true.
  * Fix: 68495: When restoring a saved POST request after a successful FORM
    authentication, ensure that neither the URI, the query string nor the
    protocol are corrupted when restoring the request body. (markt)
  * Fix: 68721: Workaround a possible cause of duplicate class definitions when
    using ClassFileTransformers and the transformation of a class also triggers
    the loading of the same class. (markt)
  * Fix: The rewrite valve should not do a rewrite if the output is identical
    to the input. (remm)
  * Update: Add a new valveSkip (or VS) rule flag to the rewrite valve to allow
    skipping over the next valve in the Catalina pipeline. (remm)
  * Add: Add checking of the "age" of the running Tomcat instance since its
    build-date to the SecurityListener, and log a warning if the server is old.
    (schultz)
  * Fix: When using the AsyncContext, throw an IllegalStateException, rather
    than allowing an NullPointerException, if an attempt is made to use the
    AsyncContext after it has been recycled. (markt)

Coyote

  * Fix: Improve the HTTP/2 stream prioritisation process. If a stream uses all
    of the connection windows and still has content to write, it will now be
    added to the backlog immediately rather than waiting until the write
    attempt for the remaining content. (markt)
  * Fix: Correct a regression in the support for user provided SSLContext
    instances that broke the
    org.apache.catalina.security.TLSCertificateReloadListener. (markt)

Jasper

  * Add: Add support for specifying Java 22 (with the value 22) as the compiler
    source and/or compiler target for JSP compilation. If used with an Eclipse
    JDT compiler version that does not support these values, a warning will be
    logged and the default will used. (markt)
  * Fix: Handle the case where the JSP engine forwards a request/response to a
    Servlet that uses an OutputStream rather than a Writer. This was triggering
    an IllegalStateException on code paths where there was a subsequent attempt
    to obtain a Writer. (markt)
  * Fix: Correctly handle the case where a tag library is packaged in a JAR
    file and the web application is deployed as a WAR file rather than an
    unpacked directory. (markt)

Other

  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)
  * Fix: 57130: Allow digest.(sh|bat) to accept password from a file or stdin.
    (csutherl/schultz)
  * Update: Update Checkstyle to 10.14.1. (markt)

2024-02-19 Tomcat 8.5.99 (schultz)

Catalina

  * Fix: Fix ServiceBindingPropertySource so that trailing \r\n sequences are
    correctly removed from files containing property values when configured to
    do so. Bug identified by Coverity Scan. (markt)
  * Add: Add improvements to the CSRF prevention filter including the ability
    to skip adding nonces for resource name and subtree URL patterns. (schultz)
  * Fix: Review usage of debug logging and downgrade trace or data dumping
    operations from debug level to trace. (remm)
  * Fix: 68089: Further improve the performance of request attribute access for
    ApplicationHttpRequest and ApplicationRequest. (markt)
  * Fix: 68559: Allow asynchronous error handling to write to the response
    after an error during asynchronous processing. (markt)

Coyote

  * Fix: Make asynchronous error handling more robust. Ensure that once a
    connection is marked to be closed, further asynchronous processing cannot
    change that. (markt)
  * Fix: Make asynchronous error handling more robust. Ensure that once the
    call to AsyncListener.onError() has returned to the container, only
    container threads can access the AsyncContext. This protects against
    various race conditions that woudl otherwise occur if application threads
    continued to access the AsyncContext.
  * Fix: Review usage of debug logging and downgrade trace or data dumping
    operations from debug level to trace. In particular, most of the HTTP/2
    debug logging has been changed to trace level. (remm)
  * Fix: Add support for user provided SSLContext instances configured on
    SSLHostConfigCertificate instances. Based on pull request #673 provided by
    Hakan Alt??nda?. (markt)
  * Fix: Improve the Tomcat Native shutdown process to reduce the likelihood of
    a JVM crash during Tomcat shutdown. (markt)
  * Fix: Partial fix for 68558: Cache the result of converting to String for
    request URI, HTTP header names and the request Content-Type value to
    improve performance by reducing repeated byte[] to String conversions.
    (markt)
  * Fix: Improve error reporting to HTTP/2 clients for header processing errors
    by reporting problems at the end of the frame where the error was detected
    rather than at the end of the headers. (markt)
  * Fix: Remove the remaining reference to a stream once the stream has been
    recycled. This makes the stream eligible for garbage collection earlier and
    thereby improves scalability. (markt)

Jasper

  * Fix: 68546: Generate optimal size and types for JSP imports maps, as
    suggested by John Engebretson. (remm)
  * Fix: Review usage of debug logging and downgrade trace or data dumping
    operations from debug level to trace. (remm)

WebSocket

  * Fix: Correct a regression in the fix for 66508 that could cause an
    UpgradeProcessor leak in some circumstances. (markt)
  * Fix: Review usage of debug logging and downgrade trace or data dumping
    operations from debug level to trace. (remm)
  * Fix: Ensure that WebSocket connection closure completes if the connection
    is closed when the server side has used the proprietary suspend/resume
    feature to suspend the connection. (markt)

Web applications

  * Add: Add support for responses in JSON format from the examples application
    RequestHeaderExample. (schultz)

Other

  * Update: Update Checkstyle to 10.13.0. (markt)
  * Update: Update JSign to 6.0. (markt)
  * Update: Add strings for debug level messages. (remm)

2024-01-09 Tomcat 8.5.98 (schultz)

Catalina

  * Update: 68378: Align extension to MIME type mappings in the global web.xml
    with those in httpd by adding application/vnd.geogebra.slides for ggs, text
    /javascript for mjs and audio/ogg for opus. (markt)

Coyote

  * Fix: Refactor the VirtualThreadExecutor so that it can be used by the NIO2
    connector which was using platform threads even when configured to use
    virtual threads. (markt)
  * Fix: Correct a regression in the fix for 67675 that broke TLS key file
    parsing for PKCS#8 format keys that do not specify an explicit
    pseudo-random function and rely on the default. This typically affects keys
    generated by OpenSSL 1.0.2. (markt)
  * Fix: Allow multiple operations with the same name on introspected mbeans,
    fixing a regression caused by the introduction of a second addSslHostConfig
    method. (remm)
  * Fix: Relax the check that the HTTP Host header is consistent with the host
    used in the request line, if any, to make the check case insensitive since
    host names are case insensitive. (markt)
  * Add: 68348: Add support for the partitioned attribute for cookies. (markt)

Other

  * Update: Update Checkstyle to 10.12.7. (markt)
  * Update: Update SpotBugs to 4.8.3. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)

2023-12-12 Tomcat 8.5.97 (schultz)

Catalina

  * Fix: Background processes should not be run concurrently with lifecycle
    operations of a container. (remm)
  * Fix: Correct unintended escaping of XML in some WebDAV responses. The XML
    list of support locks when provided in response to a PROPFIND request was
    incorrectly XML escaped. (markt)
  * Fix: 68227: Ensure that AsyncListener.onComplete() is called if
    AsyncListener.onError() calls AsyncContext.dispatch(). (markt)
  * Fix: 68228: Use a 408 status code if a read timeout occurs during HTTP
    request processing. Includes a test case based on code provided by
    adwsingh. (markt)

Jasper

  * Code: 68119: Refactor the CompositeELResolver to improve performance during
    type conversion operations. (markt)

Web Applications

  * Fix: Examples. Improve the error handling so snakes associated with a user
    that drops from the network are removed from the game. (markt)

Other

  * Update: Update UnboundID to 6.0.11. (markt)
  * Update: Update Checkstyle to 10.12.5. (markt)
  * Update: Update SpotBugs to 4.8.2. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)
  * Add: Improvements to Russian translations by usmazat and remm. (markt)

2023-11-13 Tomcat 8.5.96 (schultz)

Catalina

  * Fix: 67667: TLSCertificateReloadListener prints unreadable rendering of
    X509Certificate#getNotAfter(). (michaelo)
  * Update: The status servlet included in the manager webapp can now output
    statistics as JSON, using the JSON=true URL parameter. (remm)
  * Update: Optionally allow ServiceBindingPropertySource to trim a trailing
    newline from a file containing a property-value. (schultz)
  * Fix: 67793: Ensure the original session timeout is restored after FORM
    authentication if the user refreshes a page during the FORM authentication
    process. Based on a suggestion by Mircea Butmalai. (markt)
  * Update: 67926: PEMFile prints unidentifiable string representation of ASN.1
    OIDs. (michaelo)
  * Fix: 66875: Ensure that setting the request attribute
    jakarta.servlet.error.exception is not sufficient to trigger error handling
    for the current request and response. (markt)
  * Fix: 68054: Avoid some file canonicalization calls introduced by the fix
    for 65433. (remm)
  * Fix: 68089: Improve performance of request attribute access for
    ApplicationHttpRequest and ApplicationRequest. (markt)
  * Fix: Use a 400 status code to report an error due to a bad request (e.g. an
    invalid trailer header) rather than a 500 status code. (markt)
  * Fix: Ensure that an IOException during the reading of the request triggers
    always error handling, regardless of whether the application swallows the
    exception. (markt)

Coyote

  * Add: 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#
    certificateKeystorePasswordFile. (michaelo)
  * Add: When calling SSLHostConfigCertificate.setCertificateKeystore(ks),
    automatically call setCertificateKeystoreType(ks.getType()). (markt)
  * Fix: 67628: Clarify how the ciphers attribute of the SSLHostConfig is used.
    (markt)
  * Fix: 67666: Ensure TLS connectors using PEM files either work with the
    TLSCertificateReloadListener or, in the rare case that they do not, log a
    warning on Connector start. (markt)
  * Fix: 67675: Support a wider range of KDF and ciphers for PEM files than the
    combinations supported by the JVM by default. Specifically, support the
    OpenSSL default of HmacSHA256 and DES-EDE3-CBC. (markt)
  * Fix: 67927: Reloading TLS configuration can cause the Connector to refuse
    new connections or the JVM to crash. (markt)
  * Fix: 67934: If both Tomcat Native 1.2.x and 2.0.x are available, prefer
    1.2.x since it supports the APR/Native connector whereas 2.0.x does not.
    (markt)
  * Fix: 67938: Correct handling of large TLS client hello messages that were
    causing the TLS handshake to fail. (markt)
  * Fix: 68026: Convert selected MessageByte values to String when first
    accessed to speed up subsequent accesses and reduce garbage collection.
    (markt)

Jasper

  * Fix: 68068: Performance improvement for EL. Based on a suggestion by John
    Engebretson. (markt)

Other

  * Add: 67538: Make use of Ant's <javaversion /> task to enfore the mininum
    Java build version. (michaelo)
  * Update: Update Checkstyle to 10.12.4. (markt)
  * Update: Update JaCoCo to 0.8.11. (markt)
  * Update: Update SpotBugs to 4.8.0. (markt)

2023-10-16 Tomcat 8.5.95 (schultz)

Coyote

  * Fix: 67670: Fix regression with HTTP compression after code refactoring.
    (remm)

jdbc-pool

  * Fix: 67664: Correct a regression in the clean-up of unnecessary use of
    fully qualified class names in 8.5.94 that broke the jdbc-pool. (markt)

2023-10-10 Tomcat 8.5.94 (schultz)

Catalina

  * Add: 65770: Provide a lifecycle listener that will automatically reload TLS
    configurations a set time before the certificate is due to expire. This is
    intended to be used with third-party tools that regularly renew TLS
    certificates. (markt)
  * Fix: Fix handling of an error reading a context descriptor on deployment.
    (remm)
  * Fix: Fix rewrite rule qsd (query string discard) being ignored if qsa was
    also use, while it should instead take precedence. (remm)
  * Fix: 67472: Send fewer CORS-related headers when CORS is not actually being
    engaged. (schultz)
  * Add: Improve handling of failures within recycle() methods. (markt)

Coyote

  * Fix: 67198: Ensure that the AJP connector attribute tomcatAuthorization
    takes precedence over the tomcatAuthentication attribute when processing an
    auth_type attribute received from a proxy server. (markt)
  * Fix: 67235: Fix a NullPointerException when an AsyncListener handles an
    error with a dispatch rather than a complete. (markt)
  * Fix: When an error occurs during asynchronous processing, ensure that the
    error handling process is only triggered once per asynchronous cycle.
    (markt)
  * Fix: Fix logic issue trying to match no argument method in
    IntropectionUtil. (remm)
  * Fix: Improve thread safety around readNotify and writeNotify in the NIO2
    endpoint. (remm)
  * Fix: Avoid rare thread safety issue accessing message digest map. (remm)
  * Fix: Align validation of HTTP trailer fields with standard fields. (markt)
  * Fix: Improvements to HTTP/2 overhead protection. (markt)

Jasper

  * Fix: 67080: Improve performance of EL expressions in JSPs that use implicit
    objects. Based on suggestions by John Engebretson, Anurag Dubey and
    Christopher Schultz. (markt)

Other

  * Update: Update the internal fork of Apache Commons FileUpload to 7a8c324
    (2023-09-16, 1.x-SNAPSHOT). Due to significant refactoring in the 2.x
    branch requiring additional Commons IO dependencies, Tomcat has switched to
    tracking the 1.x branch. (markt)
  * Update: Update UnboundID to 6.0.10. (markt)
  * Update: Update Checkstyle to 10.12.3. (markt)
  * Update: Update Tomcat Native to 1.2.39 to pick up Windows binaries built
    with OpenSSL 3.0.11. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)
  * Add: Improvements to Russian translations by usmazat. (markt)

2023-08-25 Tomcat 8.5.93 (markt)

Catalina

  * Fix: If an application or library sets both a non-500 error code and the
    javax.servlet.error.exception request attribute, use the provided error
    code during error page processing rather than assuming an error code of
    500. (markt)
  * Fix: Update code comments and Tomcat output to use MiB for 1024 * 1024
    bytes and KiB for 1024 bytes rather than MB and kB. (martk)
  * Fix: Avoid protocol relative redirects in FORM authentication. (markt)

Web applications

  * Fix: Documentation. Update documentation to use MiB for 1024 * 1024 bytes
    and KiB for 1024 bytes rather than MB and kB. (martk)

Other

  * Add: Improvements to Chinese translations. (lihan)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)

2023-08-14 Tomcat 8.5.92 (markt)

Catalina

  * Fix: Align documentation for maxParameterCount to match hard-coded
    defaults. Contributed by Michal Sobkiewicz. (schultz)
  * Fix: 66680: When serializing a session during the session presistence
    process, do not log a warning that null Principals are not serializable.
    Pull request #638 provided by tsryo. (markt)
  * Fix: Catch NamingException in JNDIRealm#getPrincipal. It is used in Java up
    to 17 to signal closed connections. (fschumacher)
  * Fix: 66822: Use the same naming format in log messages for Connector
    instances as the associated ProtocolHandler instance. (markt)
  * Fix: The parts count should also lower the actual maxParameterCount used
    for parsing parameters if parts are parsed first. (remm)

Coyote

  * Fix: Correct a regression introduced in 8.5.91 and use the correct constant
    when constructing the default value for the certificateKeystoreFile
    attribute of an SSLHostConfigCertificate instance. (markt)
  * Code: Refactor HTTP/2 implementation to reduce pinning when using virtual
    threads. (markt)
  * Fix: 66841: Ensure that AsyncListener.onError() is called after an error
    during asynchronous processing with HTTP/2. (markt)
  * Fix: Correct a race condition that could cause spurious RST messages to be
    sent after the response had been written to an HTTP/2 stream. (markt)

WebSocket

  * Fix: 66681: Fix a NullPointerException when flushing batched messages with
    compression enabled using permessage-deflate. (markt)

jdbc-pool

  * Fix: Fix the releaseIdleCounter does not increment when testAllIdle
    releases them. Pull request #241 provided by Arun Chaitanya Miriappalli
    (lihan)
  * Fix: Fix the ConnectionState state will be inconsistent with actual state
    on the connection when an exception occurs while writing. Pull request #643
    provided by Wenjun Xiao. (lihan)

Other

  * Update: Update NSIS to 3.0.9. (markt)
  * Update: Update Checkstyle to 10.12.2. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations. Contributed by tak7iji and
    Shirayuking. (markt)
  * Fix: 66829: Fix quoting so users can use the _RUNJAVA environment variable
    as intended on Windows when the path to the Java executable contains
    spaces. (markt)
  * Update: Update Tomcat Native to 1.2.38 to pick up Windows binaries built
    with OpenSSL 1.1.1v. (markt)

2023-07-10 Tomcat 8.5.91 (schultz)

Catalina

  * Add: 59232: Add org.apache.catalina.core.ContextNamingInfoListener, a
    listener which creates context naming information environment entries.
    (michaelo)
  * Add: 66665: Add org.apache.catalina.core.PropertiesRoleMappingListener, a
    listener which populates the context's role mapping from a properties file.
    (michaelo)
  * Fix: Fix an edge case where intra-web application symlinks would be
    followed if the web applications were deliberately crafted to allow it even
    when allowLinking was set to false. (markt)
  * Fix: Make parsing of ExtendedAccessLogValve patterns more robust. (markt)

Coyote

  * Fix: 66627: Restore the documented behaviour of MessageBytes.getType() that
    it returns the type of the original content rather than reflecting the most
    recent conversion. (markt)
  * Fix: 66635: Correct certificate logging on start-up so it differentiates
    between keystore based keys/certificates and PEM file based keys/
    certificates and logs the relevant information for each. (markt)
  * Fix: Refactor blocking reads and writes for the NIO connector to remove
    code paths that could allow a notification from the Poller to be missed
    resuting in a timeout rather than the expected read or write. (markt)
  * Fix: Refactor waiting for an HTTP/2 stream or connection window update to
    handle spurious wake-ups during the wait. (markt)

WebSocket

  * Fix: Improve handling of error conditions for the WebSocket server,
    particularly during Tomcat shutdown. (markt)
  * Fix: Correct a regression in the fix for 66574 that meant the WebSocket
    session could return false for onOpen() before the onClose() event had been
    completed. (markt)

Web applications

  * Add: Documentation. Expand the security guidance to cover the embedded use
    case and add notes on the uses made of the java.io.tmpdir system property.
    (markt)
  * Fix: 66662: Documentation. Fix a typo in the name of the algorithms
    attribute in the configuration section for the Digest authentication valve.
    Pull request #629 provided by gohilmca. (markt)

Other

  * Add: Include the Windows specific binary distributions in the files
    uploaded to Maven Central. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations. Contributed by tak7iji. (markt)
  * Update: Update UnboundID to 6.0.9. (markt)
  * Update: Update Checkstyle to 10.12.1. (markt)
  * Update: Update JSign to 5.0. (markt/rjung)

2023-06-12 Tomcat 8.5.90 (schultz)

Catalina

  * Add: Add org.apache.catalina.core.StandardVirtualThreadExecutor, a virtual
    thread based executor that may be used with one or more Connectors to
    process requests received by those Connectors using virtual threads. This
    Executor requires a minimum Java version of Java 21. (markt)
  * Fix: 66513: Add a per session Semaphore to the PersistentValve that ensures
    that, within a single Tomcat instance, there is no more than one concurrent
    request per session. Also expand the debug logging to include whether a
    request bypasses the Valve and the reason if a request fails to obtain the
    per session Semaphore. (markt)
  * Fix: 66609: Ensure that the default servlet correctly escapes file names in
    directory listings when using XML output. Based on pull request #621 by
    Alex Kachanov. (markt)
  * Add: 66618: Add a numeric last modified field to the XML directory listings
    produced by the default servlet to enable sorting in the XSLT. Pull request
    #622 by Alex Kachanov. (markt)
  * Fix: 66621: Attempts to lock a collection with WebDAV may incorrectly fail
    if a child collection has an expired lock. (markt)
  * Fix: 66622: Deprecate the xssProtectionEnabled setting from the
    HttpHeaderSecurityFilter and change the default value to false as support
    for the associated HTTP header has been removed from all major browsers.
    (markt)

Coyote

  * Update: Update the HTTP/2 implementation to use the prioritization scheme
    defined in RFC 9218 rather than the one defined in RFC 7540. (markt)
  * Fix: 66602: not sending WINDOW_UPDATE when dataLength is ZERO on call
    SwallowedDataFramePayload. Pull request #619 by ledefe. (lihan)

WebSocket

  * Fix: 66548: Expand the validation of the value of the Sec-Websocket-Key
    header in the HTTP upgrade request that initiates a WebSocket connection.
    The value is not decoded but it is checked for the correct length and that
    only valid characters from the base64 alphabet are used. (markt)

Other

  * Update: Update to Commons Daemon 1.3.4. (markt)
  * Add: Improvements to French translations. (remm)
  * Update: Update Checkstyle to 10.12.0. (markt)
  * Update: Update the packaged version of the Apache Tomcat Native Library to
    1.2.37 to pick up the Windows binaries built with with OpenSSL 1.1.1u.
    (markt)

2023-05-19 Tomcat 8.5.89 (schultz)

Catalina

  * Fix: 66567: Fix missing IllegalArgumentException after the Tomcat code was
    converted to using URI instead of URL. (remm)
  * Fix: Escape timestamp output in AccessLogValve if a SimpleDateFormat is
    used which contains verbatim characters that need escaping. (rjung)
  * Update: Change output of vertical tab in AccessLogValve from \v to \u000b.
    (rjung)
  * Update: Improve performance of escaping in AccessLogValve roughly by a
    factor of two. (rjung)
  * Update: Improve JsonAccessLogValve: support more patterns like for headers
    and attributes. Those will be logged as sub objects. (rjung)
  * Fix: #613: Fix possible partial corrupted file copies when using file
    locking protection or the manager servlet. Submitted by Jack Shirazi.
    (remm)
  * Add: Add RateLimitFilter which can be used to mitigate DoS and Brute Force
    attacks. (isapir)

Coyote

  * Add: Add support for a new character set, gb18030-2022 - introduced in Java
    21, to the character set caching mechanism. (markt)
  * Code: The default for the HTTP Connector attribute allowHostHeaderMismatch
    has been changed from true to false to harden the default configuration.
    (markt)
  * Code: The default for the HTTP Connector attribute rejectIllegalHeader has
    been changed from false to true to harden the default configuration.
    (markt)
  * Fix: Fix an edge case in HTTP header parsing and ensure that HTTP headers
    without names are treated as invalid. (markt)
  * Update: Deprecate the HTTP Connector settings rejectIllegalHeader and
    allowHostHeaderMismatch as they have been removed in Tomcat 11 onwards.
    (markt)
  * Fix: 66591: Fix a regression introduced in the fix for 66512 that meant
    that an AJP Send Headers was not sent for responses where no HTTP headers
    were set. (markt)

Jasper

  * Fix: 66582: Account for EL having stricter requirements for static imports
    than JSPs when adding JSP static imports to the EL context. (markt)

WebSocket

  * Fix: 66574: Refactor WebSocket session close to remove the lock on the
    SocketWrapper which was a potential cause of deadlocks if the application
    code used simulated blocking. (markt)
  * Fix: 66575: Avoid unchecked use of the backing array of a buffer provided
    by the user in the compression transformation. (remm)
  * Fix: Improve exception handling when flushing batched messages during
    WebSocket session close. (markt)
  * Fix: 66581: Update AsyncChannelGroupUtil to align it with the current
    defaults for AsynchronousChannelGroup. Pull request #612 by Matthew
    Painter. (markt)

Other

  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Chinese translations. (lihan)
  * Update: Update Checkstyle to 10.10.0. (markt)
  * Update: Update Jacoco to 0.8.10. (markt)

2023-04-19 Tomcat 8.5.88 (schultz)

Catalina

  * Fix: 65995: Implement RFC 9239 and use text/javascript as the media type
    for JavaScript rather than application/javascript. (markt)
  * Add: Add an access log valve that uses a json format. Based on pull request
    #539 provided by Thomas Meyer. (remm)
  * Add: Harden the FORM authentication process against DoS attacks by using a
    reduced session timeout if the FORM authentication process creates a
    session. The duration of this timeout is configured by the
    authenticationSessionTimeout attribute of the FORM authenticator. (markt)
  * Fix: 66527: Correct the Javadoc for the Tomcat.addWebapp() methods that
    incorrectly stated that the docBase parameter could be a relative path.
    (markt)
  * Fix: 66524 Correct eviction ordering in WebResource cache to be LRU as
    intended. (schultz)
  * Update: Use server.xml to reduce the default value of maxParameterCount
    from 10,000 to 1,000. If not configured in server.xml, the default remains
    10,000. (markt)
  * Add: Update Digest authentication support to align with RFC 7616. This adds
    a new configuration attribute, algorithms, to the DigestAuthenticator with
    a default of SHA-256,MD5. (markt)
  * Update: Add support code for custom user attributes in RealmBase. Based on
    code from #473 by Carsten Klein. (remm)
  * Fix: 66541: Improve handling for cached resources for resources that use
    custom URL schemes. The scheme specific equals() and hashCode() algorithms,
    if present, will now be used for URLs for these resources. This addresses a
    potential performance issue with some OSGi custom URL schemes that can
    trigger potentially slow DNS lookups in some configurations. Based on a
    patch provided by Tom Whitmore. (markt)
  * Fix: When using a custom session manager deployed as part of the web
    application, avoid ClassNotFoundExceptions when validating session IDs
    extracted from requests. (markt)
  * Fix: 66543: Give StandardContext#fireRequestDestroyEvent its own log
    message. (fschumacher)
  * Fix: 66554: Initialize Random during server initialization to avoid
    possible JVM thread creation in the webapp context on some platforms.
    (remm)

Coyote

  * Fix: JSON filter should support specific escaping for common special
    characters as defined in RFC 8259. Based on code submitted by Thomas Meyer.
    (remm)
  * Fix: 66511: Fix GzipOutputFilter (used for compressed HTTP responses) when
    used with direct buffers. Patch suggested by Arjen Poutsma. (markt)
  * Fix: 66512: Align AJP handling of invalid HTTP response headers (they are
    now removed from the response) with HTTP. (markt)
  * Fix: 66530: Correct a regression in the fix for bug 66442 that meant that
    streams without a response body did not decrement the active stream count
    when completing leading to ERR_HTTP2_SERVER_REFUSED_STREAM for some
    connections. (markt)
  * Code: Refactor synchronization blocks locking on SocketWrapper to use
    ReentrantLock to support users wishing to experiment with project Loom.
    (markt)

Jasper

  * Fix: 66536: Fix parsing of tag files that meant that tag directives could
    be ignored for some tag files. (markt)

Cluster

  * Fix: 66535: Redefine the maxValidTime attribute of FarmWarDeployer to be
    the maximum time allowed between receiving parts of a transferred file
    before the transfer is cancelled and the associated resources cleaned-up. A
    new warning message will be logged if the file transfer is cancelled.
    (markt)

WebSocket

  * Fix: 66508: When using WebSocket with NIO2, avoid waiting for a timeout
    before sending the close frame if an I/O error occurs during a write.
    (markt)

Other

  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations. Contributed by Shirayuking and
    tak7iji. (markt)
  * Add: Improvements to Chinese translations. Contributed by totoo. (markt)
  * Code: Refactor code using MD5Encoder to use HexUtils.toHexString(). (markt)
  * Fix: 66507: Fix a bug that $JAVA_OPTS is not passed to the jvm in
    catalina.sh when calling version. Patch suggested by Eric Hamilton. (lihan)
  * Fix: Improve the error messages if JRE_HOME or JAVA_HOME are not set
    correctly. On windows, align the handling of JRE_HOME and JAVA_HOME for the
    start-up scripts and the service install script. (markt)
  * Update: Update UnboundID to 6.0.8. (markt)
  * Update: Update Checkstyle to 10.9.3. (markt)
  * Update: Update Jacoco to 0.8.9. (markt)
  * Fix: Enhance PEMFile to load from an InputStream. Patch provided by Romain
    Manni-Bucau. (schultz)

2023-03-03 Tomcat 8.5.87 (schultz)

General

  * Fix: Fix a bug that memory allocation is larger than limit in
    SynchronizedStack to reduce memory footprint. (lihan)

Catalina

  * Update: Add support for txt: and rnd: rewrite map types from mod_rewrite.
    Based on a pull request #591 provided by Dimitrios Soumis. (markt)
  * Update: Provide a more appropriate response (501 rather than 400) when
    rejecting an HTTP request using the CONNECT method. (markt)
  * Fix: 66488: Correct a regression introduced in the fix for bug 66196 that
    meant that the HTTP headers and/or request line could get corrupted (one
    part overwriting another part) within a single request. (markt)

Coyote

  * Add: Add a check for the validity of the scheme pseudo-header in HTTP/2.
    (markt)
  * Fix: 66482: Restore inline state after async operation in NIO2, to account
    the fact that unexpected exceptions are sometimes thrown by the
    implementation. Patch submitted by zhougang. (remm)

2023-02-24 Tomcat 8.5.86 (schultz)

Catalina

  * Fix: Allow a Valve to access cookies from a request that cannot be mapped
    to a Context. (markt)
  * Fix: Refactor uses of String.replaceAll() to use String.replace() where
    regular expressions where not being used. Pull request #581 provided by
    Andrei Briukhov. (markt)
  * Add: Add error report valve that allows redirecting to of proxying from an
    external web server. Based on code and ideas from pull request #506
    provided by Max Fortun. (remm)
  * Add: 66470: Add the Shared Address Space defined by RFC 6598 (100.64.0.0/
    10) to the regular expression used to identify internal proxies for the
    RemoteIpFilter and RemoteIpValve. (markt)
  * Fix: 66471: Fix JSessionId secure attribute missing When RemoteIpFilter
    determines that this request was submitted via a secure channel. (lihan)

Coyote

  * Add: Log basic information for each configured TLS certificate when Tomcat
    starts. (markt)
  * Fix: 66442: When an HTTP/2 response must not include a body, ensure that
    the end of stream flag is set on the headers frame and that no data frame
    is sent. (markt)
  * Fix: 66455: Fix the cause of a potential ClassCastException when processing
    a WINDOW_UPDATE frame on an HTTP/2 connection where the flow control window
    for the overall connection has been exhausted. (markt)
  * Add: Provided dedicated loggers
    (org.apache.tomcat.util.net.NioEndpoint.certificate /
    org.apache.tomcat.util.net.Nio2Endpoint.certificate /
    org.apache.tomcat.util.net.AprEndpoint.certificate) for logging of
    configured TLS certificates. (markt)

Jasper

  * Fix: 66419: Fix calls from expression language to a method that accepts
    varargs when only one argument was passed. (markt)
  * Fix: 66441: Make imports of static fields in JSPs visible to any EL
    expressions used on the page. (markt)

Web applications

  * Fix: 66429: Documentation. Limit access to the documentation web
    application to localhost by default. (markt)
  * Fix: 66429: Examples. Limit access to the examples web application to
    localhost by default. (markt)

Other

  * Add: Improvements to Korean translations. (woonsan)
  * Update: Update the packaged version of the Apache Tomcat Native Library to
    1.2.36 to pick up the Windows binaries built with with OpenSSL 1.1.1t.
    (markt)

2023-01-19 Tomcat 8.5.85 (schultz)

Catalina

  * Fix: Improve the behavior of the credential handler attribute that is set
    in the Servlet context so that it actually reflects what is used during
    authentication. (remm)
  * Fix: 66359: Update javadoc for RemoteIpValve and RemoteIpFilter with
    correct protocolHeader default value of "X-Forwarded-Proto". (lihan)
  * Fix: 66388: Correct a regression in the refactoring that replaced the use
    of the URL constructors. The regression broke lookups for resources that
    contained one or more characters in their name that required escaping when
    used in a URI path. (markt)
  * Fix: 66392: Change the default value of AccessLogValve's file encoding to
    UTF-8 and update documentation. (lihan)
  * Fix: 66393: Align ExtendedAccessLogValve's x-P(XXX) with the documentation.
    (lihan)

Coyote

  * Fix: When an HTTP/2 stream was reset, the current active stream count was
    not reduced. If enough resets occurred on a connection, the current active
    stream count limit was reached and no new streams could be created on that
    connection. (markt)
  * Fix: 66196: Align HTTP/1.1 with HTTP/2 and throw an exception when
    attempting to commit a response with an header value that includes one or
    more characters with a code point above 255. (markt)
  * Fix: 66388: Correct a regression in the refactoring that replaced the use
    of the URL constructors. The regression broke lookups for resources that
    contained one or more characters in their name that required escaping when
    used in a URI path. (markt)

Jasper

  * Fix: 66370: Change the default of the
    org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED system property to true unless
    the EL library is running on Tomcat in which case the default remains false
    as the EL library is already called from within a privileged block and
    skipping the unnecessary privileged block improves performance. (markt)
  * Add: Add support for specifying Java 21 (with the value 21) as the compiler
    source and/or compiler target for JSP compilation. If used with an Eclipse
    JDT compiler version that does not support these values, a warning will be
    logged and the default will used. (markt)

Web applications

  * Fix: 66348: Update the JARs listed in the class loader documentation and
    note which ones are optional. (markt)
  * Fix: Documentation. Replace references in the application developer's guide
    to CVS with more general references to a source code control system.
    (markt)

Other

  * Code: Refactor code base to replace use of URL constructors. While they are
    deprecated in Java 20 onwards, the reasons for deprecation are valid for
    all versions so move away from them now. (markt)
  * Update: Update to Commons Daemon 1.3.3. (markt)
  * Add: Improvements to Japanese translations. Contributed by Shirayuking and
    tak7iji. (markt)
  * Update: Update the internal fork of Apache Commons FileUpload to 34eb241
    (2023-01-03, 2.0-SNAPSHOT). (markt)
  * Update: Update the internal fork of Apache Commons BCEL to 2ee2bff
    (2023-01-03, 6.7.1-SNAPSHOT). (markt)
  * Update: Update the internal fork of Apache Commons Codec to 3eafd6c
    (2023-01-03, 1.16-SNAPSHOT). (markt)
  * Add: Improvements to Japanese translations. Contributed by Shirayuking.
    (markt)
  * Add: Improvements to Portuguese translations. Contributed by Guilherme
    Custo'dio. (markt)
  * Update: Update Checkstyle to 10.6.0. (markt)
  * Update: Update Unboundid to 6.0.7. (markt)
  * Update: Update SpotBugs to 4.7.3. (markt)

2022-11-21 Tomcat 8.5.84 (schultz)

Catalina

  * Fix: 66330: Correct a regression introduced when fixing 62897 that meant
    any value configured for skipMemoryLeakChecksOnJvmShutdown on the Context
    was ignored and the default was always used. (markt)
  * Fix: 66331: Fix a regression in refactoring for Stack on the
    SystemLogHandler which caught incorrect exception. (lihan)
  * Fix: 66338: Fix a regression that caused a nuance in refactoring for
    ErrorReportValve. (lihan)
  * Fix: Escape values used to construct output for the JsonErrorReportValve to
    ensure that it always outputs valid JSON. (markt)

Coyote

  * Fix: Correct the date format used with the expires attribute of HTTP
    cookies. A single space rather than a single dash should be used to
    separate the day, month and year components to be compliant with RFC 6265.
    (markt)
  * Add: Include the name of the current stream state in the error message when
    a stream is cancelled due to an attempt to write to the stream when it is
    in a state that does not permit writes. (markt)
  * Code: NIO writes never return -1 so refactor CLOSED_NIO_CHANNEL not to do
    so and remove checks for this return value. Based on #562 by tianshuang.
    (markt)
  * Code: Remove unnecessary code that exposed the asyncTimeout to components
    that never used it. (markt)

Jasper

  * Fix: 66294: Make the use of a privileged block to obtain the thread context
    class loader added to address 62080 optional and disabled by default. This
    is now controlled by the org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED
    system property. (markt)
  * Fix: 66325: Fix concurrency issue in evaluation of expression language
    containing lambda expressions. (markt)

jdbc-pool

  * Fix: 66346: Ensure all JDBC pool JARs are reproducible. Pull request #566
    provided by John Neffenger. (markt)

Other

  * Update: Update to Commons Daemon 1.3.2. (markt)
  * Add: Improvements to Chinese translations. Contributed by DigitalCat and
    lihan. (markt)
  * Add: Improvements to French translations. Contributed by Mathieu Bouchard.
    (markt)
  * Add: Improvements to Japanese translations. Contributed by Shirayuking.
    (markt)

2022-10-11 Tomcat 8.5.83 (markt)

Catalina

  * Fix: 66183: When logging cookie values in an access log valve and there are
    multiple cookies with the same name, log all cookie values rather than just
    the first. Based on pull request #541 by Han Li. (markt)
  * Fix: 66184: Ensure that JULI root loggers have a default level of INFO.
    Pull request #533 provided by Piotr P. Karwasz. (markt)
  * Fix: Improve handling of stack overflow errors when parsing SSI
    expressions. (markt)
  * Fix: 66120: Enable FORM authentication to work correctly if session
    persistence and restoration occurs during the authentication process.
    (markt)
  * Fix: 66233: Include an error message when sending a 400 response because a
    request has too many cookies. (markt)
  * Fix: When web application deployment fails due to JARs with duplicate
    fragment names, improve the error message by listing the JARs that contain
    the duplicates. Based on pull request #535 by Mads Rolsdorph. (markt)
  * Fix: Replace logging thread for JULI's AsyncFileHandler with an executor to
    protect against failure of the logging thread. Based on pull request #545
    by Piotr P. Karwasz. (markt)
  * Add: Add JsonErrorReportValve that extends the ErrorReportValve that
    returns response as JSON instead of HTML. Back-porting kfujino's
    implementation. (lihan)
  * Fix: Update the RewriteValve to perform pattern matching using dotall mode
    to avoid unexpected behaviour if the URL includes encoded line terminators.
    (markt)

Coyote

  * Fix: Make parsing of invalid filename directives in Content-Disposition
    headers more robust. Invalid filename directives will now be ignored rather
    than triggering a 500 response. (markt)
  * Fix: 66194: Log HTTP/2 stream closures (usually caused by client errors)
    via a UserDataHelper to broadly align it with the behaviour of HTTP/1.1 for
    parsing issues and exceeding limits. (markt)
  * Fix: 66236: Implement support for the special values zero and minus one
    when configuring maxSavePostSize for a Connector when used in conjunction
    with TLS renegotiation. (markt)
  * Fix: 66240: Avoid int overflow when parsing octets by limiting the maximum
    value to 255. Based on a PR #548 by Stefan Mayr. (lihan)
  * Fix: #550: Correctly handle case where a Servlet responds to a request with
    an expectation with a 2xx response without reading the request body. Pull
    request provided by Malay Shah. (markt)
  * Fix: #551: Avoid potential IndexOutOfBoundsException by fixing incorrect
    check when matching HTTP/2 preface. Submitted by ??????. (lihan)
  * Fix: 66276: Fix incorrect class cast when adding a descendant of HTTP/2
    streams. (lihan)
  * Fix: 66281: Fix unexpected timeouts that may appear as client
    disconnections when using HTTP/2 and NIO2. (markt)
  * Fix: Enforce the requirement of RFC 7230 onwards that a request with a
    malformed content-length header should always be rejected with a 400
    response. (markt)

Jasper

  * Fix: Improve handling of stack overflow errors when parsing EL expressions.
    (markt)
  * Fix: Correct parsing of integer and floating point literals in EL
    expressions so that larger values are correctly parsed to BigInteger and
    BigDecimal respectively. (markt)
  * Add: 66203: Log an error message when the JSP compiler is unable to create
    the output directory for the generated code. (markt)
  * Fix: Improve the performance of the ImportHandler in the Expression
    Language implementation. This removes a previous optimisation that is now
    detrimental rather than helpful. Pull request #547 provided by rmannibucau.
    (markt)
  * Fix: Improve handling of EL error messages so instances of Number are not
    formatted in unexpected ways. (markt/kkolinko)
  * Fix: Switch to using ELException rather than IllegalArgumentException when
    a type conversion fails during an EL arithmetic operation. This is an EL
    error so ELException seems more appropriate. (markt)
  * Fix: Fix a bug in MethodExpression handling that triggered an error when
    invoking a static method on an instance of the class rather than directly
    on the class. (markt)
  * Fix: Use BigInteger.remainder() rather than BigInteger.mod() when
    performing the modulus operation for instances of BigInteger as part of an
    EL expression. (markt)
  * Fix: 66277: Fix regressions in refactoring from Stack ArrayDeque.
  * Add: Add support for specifying Java 20 (with the value 20) as the compiler
    source and/or compiler target for JSP compilation. If used with an Eclipse
    JDT compiler version that does not support these values, a warning will be
    logged and the default will used. (markt)

Cluster

  * Fix: To aid future additions of new functionality, rather than throw an
    IllegalArgumentException if a DeltaRequest is passed an unrecognised action
    type, a warning message will now be logged. (markt)
  * Fix: 66120: Enable FORM authentication to work correctly if session
    failover occurs during the authentication process. (markt)

WebSocket

  * Add: 62312: Add support for authenticating WebSocket clients with an HTTP
    forward proxy when establishing a connection to a WebSocket endpoint via a
    forward proxy that requires authentication. Based on a patch provided by
    Joe Mokos. (markt)

Web applications

  * Fix: Documentation. Document the nonceRequestParameterName attribute for
    the CsrfPreventionFilter. Based on #553 by Mert U:lkgu:n. (markt)

Other

  * Fix: Ensure that zip archives use UTC for file modification times to ensure
    repeatable builds across time zones. (markt)
  * Add: Improvements to Chinese translations. (lihan)
  * Add: Improvements to Czech translations. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to German translations. (markt)
  * Add: Improvements to Japanese translations. Contributed by tak7iji and
    Shirayuking. (markt)
  * Add: Improvements to Korean translations. Contributed by ????. (markt)
  * Add: Improvements to Russian translations. (markt)
  * Add: Improvements to Spanish translations. (markt)
  * Add: Further automation to the build process to reduce the number of manual
    steps that release managers must perform. (markt)
  * Update: Update Objenesis to 3.2. (markt)
  * Update: Update UnboundID to 6.0.6. (markt)
  * Update: Update Checkstyle to 10.3.4. (markt)
  * Update: Update JaCoCo to 0.8.8. (markt)
  * Update: Update SpotBugs to 4.7.2. (markt)
  * Update: Update JSign to 4.2. (markt)

2022-08-13 Tomcat 8.5.82 (schultz)

Catalina

  * Fix: Correct handling of HTTP TRACE requests where there are multiple
    instances of an HTTP header with the same name. (markt)
  * Fix: Implement the clarification in RFC 9110 that the units in HTTP range
    specifiers are case insensitive. (markt)
  * Fix: Properly-escape role and group information when writing
    MemoryUserDatabase to an XML file. (schultz)
  * Fix: Move control of XML-export logic from individual support classes into
    MemoryUserDatabase.save(). Deprecate and discontinue use of MemoryUser,
    MemoryRole, and MemoryGroup classes. (schultz)

Coyote

  * Add: Provide dedicated loggers
    (org.apache.tomcat.util.net.NioEndpoint.handshake /
    org.apache.tomcat.util.net.Nio2Endpoint.handshake) for TLS handshake
    failures. (markt)
  * Add: Enable the use of the FIPS provider for TLS enabled Connectors when
    using Tomcat Native 1.2.34 onwards built with OpenSSL 3.0.x onwards.
    (markt)
  * Fix: Address an edge case in HTTP header parsing that allowed CRCRLF to be
    used as a valid line terminator. (markt)
  * Fix: Ensure HTTP/2 requests that include connection specific headers are
    rejected. (markt)
  * Fix: When processing HTTP/2 requests, allow a host header to be used in
    place of an :authority header. (markt)
  * Fix: When processing HTTP/2 requests, allow a host header and an :authority
    header to be present providing they are consistent. (markt)
  * Fix: When processing HTTP/2 requests, reject requests containing multiple
    host headers. (markt)

Web applications

  * Fix: Documentation. 62245: Include contextXsltFile when discussing options
    for configuring directory listings. (markt)
  * Fix: Examples. Fix CVE-2022-34305, a low severity XSS vulnerability in the
    Form authentication example. (markt)

Other

  * Update: The minimum Ant version required to perform a release build for
    Tomcat 8.5.x is now 1.10.2. (markt)
  * Add: Add additional automation to the build process to reduce the number of
    manual steps that release managers must perform. (schultz)
  * Add: Implement support for reproducible builds. Reproducible builds are
    independent of operating system but require the same Ant version and same
    JDK (vendor and version) to be used as associated version information is
    embedded in a number of build outputs such as JAR file manifests. (markt)
  * Update: Update the packaged version of the Tomcat Native Library to 1.2.34
    to improve the support for building with OpenSSL 3.0.x.(markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations contributed by tak7iji. (markt)
  * Update: Update the packaged version of the Tomcat Native Library to 1.2.35
    to pick up Windows binaries built with OpenSSL 1.1.1q.(markt)

2022-06-11 Tomcat 8.5.81 (schultz)

Catalina

  * Fix: Correct a regression in the 8.5.80 (not released) that broken or
    unexpectedly modified some TLS configurations when running on a Java 8 JDK.
    (markt)
  * Fix: 66134: The NSIS based Tomcat installer for Windows now correctly
    handles the combination of TomcatAdminRoles defined in a configuration file
    and selecting the Manager and/or Host Manager web applications in the
    installer's GUI. (markt)

not released Tomcat 8.5.80 (schultz)

Catalina

  * Fix: Update the memory leak protection code to support stopping application
    created executor threads when running on Java 19 and later. (markt)
  * Fix: Improve the error message if a required --add-opens option is missing.
    (markt)
  * Fix: Disable the memory leak correction code enabled by the Context
    attribute clearReferencesObjectStreamClassCaches when running on a JRE that
    includes a fix for the underlying memory leak. (markt)
  * Fix: 66068: Ensure that the changes made to a request by the RemoteIPValve
    persist after the request is put into asynchronous mode. (markt)
  * Add: Include the major version in the recommended version used for Tomcat
    Native with the AprLifecycleListener. (markt)
  * Fix: 66104: Avoid error message by not trying to clean up old files from
    the logging directory before the directory has been created. Based on #521
    by HanLi. (markt)

Coyote

  * Fix: Additional fix for 65118. Fix a potential NullPointerException when
    pruning closed HTTP/2 streams from the connection. (markt)
  * Fix: 66076: When using TLS with non-blocking writes and the NIO connector,
    ensure that flushing the buffers attempts to empty all of the output
    buffers. (markt)
  * Fix: 66084: Correctly calculate bytes written to a response. Pull request #
    516 provided by aooohan HanLi. (markt)
  * Add: Correct a regression in the support added for encrypted PKCS#1
    formatted private keys in the previous release that broke support for
    unencrypted PKCS#1 formatted private keys. (jfclere/markt)
  * Update: Remove support for NPN when using the Tomcat Native Connector as
    NPN was never standardised and browser support for NPN was removed several
    years ago. (markt)

Jasper

  * Fix: Update ImportHandler optimisation for new classes introduced in Java
    19. (markt)
  * Add: Add support for specifying Java 19 (with the value 19) as the compiler
    source and/or compiler target for JSP compilation. If used with an Eclipse
    JDT compiler version that does not support these values, a warning will be
    logged and the default will used. (markt)

Web applications

  * Fix: 66064: Update the building page in the documentation web application
    to reflect changes in required Java version and source repository. (markt)
  * Fix: Documentation. Make the description of the HTTP/1.1 configuration
    attributes that control the maximum allowed HTTP header size more specific.
    (markt)

Tribes

  * Fix: Increase the default buffer size for replication messages from 43800
    to 65536 bytes. This is expected to improve performance for large messages
    when running on Linux based systems. (markt)

Other

  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations contributed by Shirayuking and
    tak7iji. (markt)
  * Add: Improvements to Chinese translations contributed by Dingzi2012.
    (markt)

2022-05-23 Tomcat 8.5.79 (schultz)

Catalina

  * Fix: 65736: Disable the forceString option for the JNDI BeanFactory and
    replace it with an automatic search for an alternative setter with the same
    name that accepts a String. This is a security hardening measure. (markt)
  * Code: 65853: Refactor the CsrfPreventionFilter to make it easier for
    sub-classes to modify the nonce generation and storage. Based on
    suggestions by Marvin Fro:hlich. (markt)
  * Fix: 65991: Avoid NPE with SSLAuthenticator when boundOnInit is used on a
    connector, during the check for client certificate authentication
    availability. (remm)
  * Fix: 66009: Use getSubjectX500Principal().toString() rather than
    getSubjectX500Principal().getName(...) to retrieve a certificate DN, to
    match the output of the deprecated getSubjectDN().getName() that was used
    previously. (remm)
  * Add: Revert the change in 8.5.76 that added a mapping of Shift_JIS for the
    ja locale to the default mappings used by ServletResponse.setLocale() as it
    caused regressions for applications using UTF-8. (markt)
  * Add: Provide a property source that sources values from Kubernetes service
    bindings. Pull request #512 provided by Sumit Kulhadia and Gareth Evans.
    (markt)

Coyote

  * Add: #501: Add new maxHttpRequestHeaderSize and maxHttpResponseHeaderSize
    attributes which allow setting the maximum HTTP header sizes independently.
    If not specified, the value of the maxHttpHeaderSize connector attribute
    will be used. Submitted by Zhongming Hua. (remm)
  * Fix: The root cause of the Linux kernel duplicate accept bug has been
    identified along with the version of the kernel that includes the fix. The
    error message displayed when this bug occurs has been updated to reflect
    this new information and to advise users to update to a version of the OS
    that uses kernel 5.10 or later. Thanks to Christopher Gual for the research
    into this issue. (markt)
  * Fix: 66023: Improve the fix for 65726 and support HTTP upgrade with a
    request body for a wider set of use cases. (markt)
  * Add: Add support for encrypted PKCS#1 formatted private keys when
    configuring the internal, in memory key store. Based on #511. (jfclere/
    markt)
  * Fix: Remove the prestartminSpareThreads attribute of the
    StandardThreadExecutor since all core threads are always started by default
    making this attribute meaningless. Pull request #510 provided by Aooohan.
    (markt)

Webapps

  * Fix: 66008: In the documentation web application, remove the recommendation
    for the use the trimSpaces option for Jasper in production environments.
    (markt)
  * Fix: Update the documentation web application to state that the
    EncryptInterceptor does not provide sufficient protection to run Tomcat
    clustering over an untrusted network. This is CVE-2022-29885. (markt)

Other

  * Add: Improvements to French translations. (remm)
  * Add: Improvements to German translations contributed by Thomas Hoffmann.
    (markt)
  * Add: Improvements to Japanese translations contributed by Shirayuking.
    (markt)
  * Add: Improvements to Korean translations. (woonsan)
  * Update: Update to Commons Daemon 1.3.1. This fixes a known regression in
    1.3.0 when configuring the Windows service with custom scripts as described
    in 66055. (markt)
  * Update: Update to JSign 4.1. (markt)
  * Update: Update the packaged version of the Tomcat Native Library to 1.2.33
    to pick up Windows binaries built with OpenSSL 1.1.1o.(markt)

2022-04-01 Tomcat 8.5.78 (markt)

Catalina

  * Add: 41007: Add the ability to specify static HTML responses for specific
    error codes and/or exception types with the ErrorReportValve. (markt)
  * Code: Harden the CredentialHandler implementations by switching to a
    constant-time implementation for credential comparisons. (schultz/markt)
  * Add: Effectively disable the WebappClassLoaderBase.getResources() method as
    it is not used and if something accidentally exposes the class loader this
    method can be used to gain access to Tomcat internals. (markt)

Coyote

  * Fix: #487: Improve logging of unknown settings frames. Pull request by
    Thomas Hoffmann. (remm)
  * Add: 65975: Add a warning if a TLS virtual host is configured with optional
    certificate authentication and the containing connector is also configured
    to support HTTP/2 as HTTP/2 does not permit optional certificate
    authentication. (markt)
  * Add: 65975: Add a warning if a TLS virtual host is configured for TLS 1.3
    with a JSSE implementation and a web application is configured for
    CLIENT-CERT authentication. CLIENT-CERT authentication requires
    post-handshake authentication (PHA) when used with TLS 1.3 but the JSSE TLS
    1.3 implementation does not support PHA. (markt)
  * Fix: Improve the recycling of Processor objects to make it more robust.
    (markt)

Jasper

  * Fix: 65959: Serialize Function as String[] rather Class[]. (remm)

Web applications

  * Fix: 65952: Align --add-opens configuration for jsvc with the current
    Tomcat scripts. (markt)
  * Fix: Correct the AJP and HTTP/1.1 Connector configuration pages in the
    documentation web application to show which attributes are applicable to
    all Connectors and which are implementation specific. (markt)

Other

  * Update: Update to Commons Daemon 1.3.0. (markt)
  * Update: Update to Checkstyle 10.0. (markt)
  * Update: Update to SpotBugs 4.6.0. (markt)
  * Add: Expand the spotbugs Ant task to also cover test code. (markt)
  * Code: Refactor the resource files for the Apache Tomcat installer for
    Windows so that all the resource files are located in a single directory in
    the source tree. (markt)
  * Update: Update the packaged version of the Tomcat Native Library to 1.2.32
    to pick up Windows binaries built with OpenSSL 1.1.1n.(markt)
  * Add: Improvements to Chinese translations contributed by 15625988003.
    (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations contributed by tak7iji. (markt)
  * Add: Expand coverage of translations for jakarta.el package. Based on #488
    from Volodymyr Siedlecki. (markt)

2022-03-17 Tomcat 8.5.77 (schultz)

Catalina

  * Fix: 65921: The type substitution flag for the rewrite valve should set the
    content type for the response, not the request. (markt)
  * Fix: #479: Enable the rewrite valve to redirect requests when the original
    request cannot be mapped to a context. This typically happens when no ROOT
    context is defined. Pull request by elkman. (markt)
  * Fix: 65940: Fix NullPointerException if an exception occurs during the
    destruction of a Servlet. (markt)

Coyote

  * Fix: Fix regression introduced with 65757 bugfix which better identified
    non request threads but which introduced a similar problem when user code
    was doing sequential operations in a single thread. Test case code
    submitted by Istvan Szekely. (remm)
  * Fix: Fix potential thread-safety issue that could cause HTTP/1.1 request
    processing to wait, and potentially timeout, waiting for additional data
    when the full request has been received. (markt)
  * Fix: Throw IOException rather than IllegalStateException when the
    application attempts to write to an HTTP/2 stream after the client has
    closed the stream. (markt)

Jasper

  * Fix: When resolving methods in EL expressions that use beans and/or static
    fields, ensure that any custom type conversion is considered when
    identifying the method to call. (markt)

Other

  * Fix: Correct a spelling mistake in the German translations. Thanks to
    Thomas Hoffmann. (markt)

2022-02-28 Tomcat 8.5.76 (schultz)

Catalina

  * Add: 61171: Add the portOffset attribute to the Server element which is
    added to the configured shutdown and Connector ports. Based on a patch by
    Marek Czernek. (markt)
  * Add: 64080: Enhance the graceful shutdown feature. Includes a new option
    for StandardService, gracefulStopAwaitMillis, that allows a time to be
    specified to wait for client connections to complete and close before the
    Container hierarchy is stopped. (markt/remm)
  * Add: Add ha-api-*.jar and jaxws-rt-*.jar to the list of JARs to skip when
    scanning for TLDs, web fragments and annotations. (michaelo)
  * Add: Expand the default mappings used by ServletResponse.setLocale() to
    include a mapping from the ja locale to the Shift_JIS encoding. (markt)
  * Fix: 65806: Improve the handling of session ID generation when the default
    algorithm for SecureRandom (SHA1PRNG) is not supported by the configured
    providers as will be the case for a FIPS compliant configuration. (markt)
  * Fix: #464: Fall back to the class loader used to load JULI when the thread
    context class loader is not set. In a normal Tomcat configuration, this
    will be the system class loader. Based on a pull request by jackshirazi.
    (markt)
  * Fix: #469: Include the Java Annotations API in the classes that Tomcat will
    not load from web applications. Pull request provided by ppkarwasz. (markt)
  * Fix: Fix a potential StringIndexOutOfBoundsException exception when
    generating a WebDAV multi-status response after an error during a copy or
    delete. Report the paths relative to the server root for any resources with
    an error. (markt)
  * Fix: Improve the format of WebDAV XML responses to make them easier for
    humans to read. The change ensures that there is always a line break before
    starting a new element. (markt)
  * Fix: Improve validation of the Destination header for WebDAV MOVE and COPY
    requests. (markt)

Coyote

  * Fix: 65408: Backport the socket close refactoring - along with supporting
    changes - that ensures that a socket is only closed once. Pooled objects
    associated with the socket are now replaced with dummy instances to protect
    against applications that attempt to continue to use the socket after it
    has been closed. (markt/remm)
  * Fix: Correct a regression in the fix for 65454 that meant that
    minSpareThreads and maxThreads settings were ignored when the Connector
    used an internal executor. (markt)
  * Fix: 65776: Improve the detection of the Linux duplicate accept bug and
    reduce (hopefully avoid) instances of false positives. (markt)
  * Fix: 65848: Revert the change that attempted to align the behaviour of
    client certificate authentication with NIO or NIO2 with OpenSSL for TLS
    between MacOS and Linux/Windows as the root cause was traced to
    configuration differences. (markt)
  * Fix: #467: When system time moves backwards (e.g. after clock correction),
    ensure that the cached formatted current date used for HTTP headers tracks
    this change. Pull request provided by zhenguoli. (markt)
  * Update: Remove pollerThreadCount Connector attribute for NIO. One poller
    thread is sufficient. (remm/markt)
  * Fix: Avoid creating and using object caches when they are disabled. (remm/
    markt)

Jasper

  * Fix: #474: Prevent a tag file from corrupting the ELContext of the calling
    page. Pull request provided by Dmitri Blinov. (markt)
  * Fix: Minor optimisation of serialization for FunctionMapperImpl in response
    to pull request #476. (markt)

Web applications

  * Fix: Remove the applet example from the example web application as applets
    are no longer supported in any major browser. (markt)
  * Code: Refactor a small number of pages in the examples web application to
    avoid an issue with reproducible builds due to differences in file ordering
    across different operating systems with Ant's zip task. (markt)
  * Fix: Better documentation for the protocol attribute of the JNDIRealm.
    (markt)
  * Fix: Clarify the some custer settings described in the documentation web
    application. (markt)
  * Add: Add information on the OpenSSLConf and OpenSSLConfCmd elements to the
    HTTP SSL configuration page in the documentation web applications. (markt)

jdbc-pool

  * Code: Use LF line endings for text files in JARs to support reproducible
    builds across different operating systems. (markt)

Other

  * Code: Switch to building with Java 11 and using --release to target Java 8.
    Once back-ported to all currently supported branches, this will reduce the
    number of Java versions developers need to juggle. (markt)
  * Code: Use LF line endings for text files in JARs to support reproducible
    builds across different operating systems. (markt)
  * Fix: Fix dependencies for individual test targets in Ant build file. Based
    on #468 provided by Totoo che…
jperkin pushed a commit that referenced this issue Aug 24, 2024
Features / Improvements ✨

    Support marking a room as a direct message room (#92)
    Add external_edit_file_suffix to config (#253)
    Allow typing newline with <S-Enter> and enable keyboard enhancement protocol (#272)
    Display file sizes for attachments (#278)
    Implement set/unset/show for alternative and canonical aliases (#279)
    Allow notifications on open room if terminal not focused (#281)
    Add command to set per-room notification levels (#305)
    Add message slash commands (#317)
    Support reacting literally with non-Emojis (#320)
    Include room name in desktop notifications (#326)
    Add ban/unban/kick room commands (#327)
    Add command for setting room history visibility (#328)
    Add commands for viewing and clearing unreads (#332)

Documentation / README updates 📚

    Update Welcome window to reference TOML instead of JSON (#254)
    Add FreeBSD installation instructions (#280)
    Fix openSUSE link and installation command in README (#283)
    Add Hombrew as install method on MacOS (#303)

Bug Fixes 🐞

    Fix reaction count when there are duplicate reaction events from a user (#239)
    Prevent sending duplicate reaction events (#240)
    Use color overrides for users when message_user_color is enabled (#245)
    Fix image preview placement when messages are preceded by a date in the timeline (#257)
    Trim :editor output and check if it's empty (#275)
    Add error for missing username on :logout (#277)
    Remove timeout for desktop notifications (#314)
    Fix underflow panics when using TextPrinter::push_span_nobreak (#322)
    Remove modifyOtherKeys enablement (#324)
    Avoid treating simple messages as Markdown (#325)
    Handle message marks on non-64-bit platforms (#329)

Building / Housekeeping 🧹

    Update to ratatui-image@1.0.0 (#241)
    Update Cargo.toml to v0.0.10-alpha.1 and update dependencies (#269)
    Update to modalkit{,-ratatui}@0.0.19 (#273)
    Fix LICENSE file (#274)
    Add missing darwin build dependency (#286)
    Fix newer Clippy warnings for 1.80 (#301)
    Add FreeDesktop MetaInfo file (#315)
    Update to modalkit{,-ratatui}@0.0.20 (#319)
    Add metadata for cargo-deb and cargo-generate-rpm (#321)
    Build cross-platform binaries and packages of main (#323)
jperkin pushed a commit that referenced this issue Oct 4, 2024
…vel/boost-headers,

devel/boost-libs,devel/boost-mpi,devel/py-boost: Uodate to 1.86.0

Changelog:
New Libraries

  * No new libraries.

Updated Libraries

  * Atomic:
      + Use futex(2) system call on OpenBSD since recent OpenBSD versions have
        removed support for syscall(2).
  * Beast:
      + API Changes
          o Added HTTP status code 418 I'm a teapot.
      + Fixes
          o Narrowing conversion in read_size_hint_db().
          o Overloads that are ambiguous when using default completion tokens.
          o Misplaced static_assert in http::basic_fields move-assignment
            operator.
          o Underflow of bytes_transferred in WebSocket partial write
            operations.
          o websocket::stream::read_size_hint() does not exceed
            read_message_max.
          o Various warnings in tests.
          o Error handling in SSL shutdown operations in examples.
          o Annotate fallthrough case in zlib.
          o Handling of expired timers in basic_stream::ops::transfer_op.
          o Ambiguity in test::basic_stream constructor overloads.
          o Partial parsing of the final chunk in http::parser.
      + Improvements
          o Graceful shutdown in server_flex_awaitable example.
          o Simplified awaitable examples.
          o Added fuzzing targets.
          o Remove superfluous uses of std::bind in some examples.
          o ssl_stream does not use flat_stream.
      + Documentation
          o ssl_stream and flat_stream marked as deprecated.
          o net::ssl::stream is canonical in snippets and examples.
          o Added SSL/TLS Shutdown Procedure section.
      + Acknowledgements
          o tyler92, Ruslan Zakirov, Orgad Shaneh, Alexander Kernozhitsky
  * Charconv:
      + Fixed support for PPC64LE architecture.
      + Fixed support for platforms like Alpine linux that provide the <
        quadmath.h> header but not the compiled library.
      + Fixed first character pattern matching in from_chars for integer types.
      + Fixed overflow detection for integers with base greater than 10.
      + Added native support for std::float16_t and std::bfloat16_t instead of
        using interchange formats.
  * Cobalt:
      + Added support for asio::cancel_after
      + Made asio::deferred co_await-able, because it's asio's default token
      + Added noop utility
      + Added experimental support for stackful coroutines/fibers
      + Fixed movability of channel & coroutine types
  * Compat:
      + Added bind_front.hpp, bind_back.hpp, invoke.hpp, mem_fn.hpp,
        integer_sequence.hpp and type_traits.hpp.
      + Added function_ref.hpp.
  * Container:
      + Fixed bugs/issues:
          o GitHub #285: "devector<>::push_front asserts after clear()".
          o GitHub #280: "Several containers don't support non-movable types
            when move assigning".
          o GitHub #279: "small_vector cannot go back to use stack space".
          o GitHub #277: "Remove dep on boost::static_assert".
          o GitHub #275: "Compilation fails if custom key comparison is used".
          o GitHub #273: "flat_map/vector crashes on appends (memory
            corruption)".
          o GitHub #269: "flat_multimap::emplace not sorting elements under
            GCC".
          o GitHub #266: "small_vector<T> is misaligned on the stack in 32
            bits".
          o GitHub #259: "Global variables".
          o GitHub #245: "flat_tree::insert ordered range doesn't assert
            sorting".
          o GitHub #241: "flat_map should support same interface as std::map".
  * Core:
      + Added a boost/core/pointer_in_range.hpp header with a pointer_in_range
        function template to check if a pointer is within a given range.
      + Fixed type_name for abstract classes. (#172)
      + Fixed boost/core/type_name.hpp compilation error with MSVC with
        disabled native wchar_t type. (#173)
      + Added a workaround for an MSVC bug causing empty_value compilation
        errors when it is used with a nested class. (PR#175)
  * CRC:
      + C++03 is no longer supported; a C++11 compiler is required. (This
        includes GCC 4.6 or later, and MSVC 10.0 (VS 2010) or later.)
      + Removed dependencies on Array, Config, Integer, and TypeTraits. The
        library is now standalone.
  * Filesystem:
      + is_empty operation is now better protected against concurrent
        filesystem modifications.
      + On POSIX systems, is_empty now indicates error if invoked on a file
        other than a regular file or a directory.
      + On Windows, fixed file_size and is_empty operating on symlinks rather
        than the files the symlinks refer to. (#313)
      + directory_entry::refresh no longer throws an exception if the file
        referenced by the entry doesn't exist. This makes directory_entry::
        status and directory_entry::symlink_status, as well as methods based on
        them, behave similarly to the equivalent standalone operations. The
        fact that the file does not exist is still indicated via the error_code
        returned by the corresponding directory_entry::refresh overload, or can
        be seen by testing if the file type returned by directory_entry::status
        or directory_entry::symlink_status calls is file_type::file_not_found.
        (#314)
      + Fixed weakly_canonical testing path elements for existence relative to
        the current path instead of the base path specified in the call, if the
        input path was a relative path.
      + On Windows, fixed weakly_canonical producing incorrect result path when
        the input path started with "..". (#311)
  * Format:
      + C++03 is no longer supported; a C++11 compiler is required. (This
        includes GCC 4.7 or later, and MSVC 12.0 (VS 2013) or later.)
  * Function:
      + Removed dependency on Boost.TypeTraits.
      + Brought back the argN_type typedefs that were accidentally lost in
        1.85.
  * GIL:
      + Added
          o Added tell() and error() functions to istream_device and
            ostream_device classes (PR#747).
      + Changed
          o Don't ignore custom color converter in color_converted_view
            function (PR#726).
          o Added workaround for conflict with min() and max() macros on WinAPI
            (PR#745).
          o The use of boost::filesystem in GIL is now configurable in CMake
            via option BOOST_GIL_USE_BOOST_FILESYSTEM (PR#743).
      + Fixed
          o Fixed convolution in convolve_2d (PR#723)
          o Normalize Gaussian 2D kernel to avoid darkening (PR#725)
          o Wrong buffer size in path string conversion functions for std::
            wstring is fixed, avoiding buffer overflows when using I/O-related
            functions with std::wstring paths (PR#746).
      + Acknowledgements
          o Christoph Gringmuth, Christopher Kormanyos, nicolacandussi, Dirk
            Stolle, Olzhas Zhumabek
  * Graph:
      + Major update: C++14 is the new minimum standard; this was partly
        dictated by dependencies (at least to C++11) and partly by choice. If
        you require support for an older standard, please contact the
        maintainer.
      + Remove direct dependency on Boost.Regex.
      + Fix several compilation errors caused by not explicitly including
        common headers.
      + isomorphism: Fix docs, ignore vertex_max_invariant parameter in favour
        of cheaply calculating upper exclusive bound, fix bug with Associative
        Property Map, improve space efficiency from linear in the size of the
        maximum invariant to linear in the size of g1.
      + boykov_kolmogorov_max_flow: Fix named parameter overload.
      + adj_list_edge_iterator: Fix maybe-uninitialized warnings.
      + hawick_circuits: Add a parameter to optionally limit the depth of the
        search, causing a potentially suboptimal answer to be returned early.
      + disjoint_sets: Improve performance of link_sets by removing redundant
        lookup of set representatives.
      + maximum_adjacency_search: Refactor and more tests.
      + property: Use BOOST_ATTRIBUTE_NO_UNIQUE_ADDRESS to remove wasted space.
      + labeled_graph: Fix remove_labeled_vertex so that it actually removes
        the label too.
      + r_c_shortest_paths: Fix bug that the single-solution variant did not
        always return the shortest path.
      + read_graphviz: Fix stack overflow (oss-fuzz issue 66719) and
        non-keyword subgraph parsing.
      + Many miscellaneous improvements: broken links, typos, etc.
  * Interprocess:
      + Fixed bugs:
          o GitHub #191 ("vectorstream: support file sizes larger than INT_MAX
            ").
          o GitHub #198 ("Minor fixes for documentation of offset_ptr").
          o GitHub #202 ("Allow to map message_queue in anonymous memory").
          o GitHub #207 ("cmake: link system libraries").
          o GitHub #214 ("Doc: Fix github links").
  * Intrusive:
      + Fixed bug GitHub #86: Invalid UTF-8 character in comment
  * JSON:
      + Support for GCC versions older than version 5.0 is deprecated and will
        stop in Boost 1.88.0.
      + source_location parameter was added to throwing accessor functions.
      + Parse option to tolerate invalid UTF-16 surrogate pairs, and produce
        WTF-8.
      + Added accessor functions that return system::result.
      + Handle missing error case in direct parsing.
  * LexicalCast:
      + Fixed conversion of std::basic_string_view and boost::basic_string_view
        containing one or more \0 characters. Issue was introduced in 1.85.0.
  * leaf:
      + More optimal verbose_diagnostic_info implementation.
      + Bug fixes.
      + Added [[nodiscard]] to class result<>.
  * Locale:
      + Add support for custom allocators in conv::utf_to_utf
      + Don't build examples by default
  * Log:
      + Added a workaround for windres.exe issue, when it is used in CMake to
        compile event log resource files on MinGW-w64. (PR#231)
  * Math:
      + Correct Bessel function results at infinity, see 1143.
      + Improve Non Central T numerical stability, see scipy20693.
      + Correct float_next/float_prior behaviour at infinity.
      + Prevent spurious underflow in non-central beta, see scipy20693.
      + Add improvement to Heuman Lambda precision.
      + Improve Skew Normal root finding, see 1120.
      + Lots of minor fixes and improved code coverage.
  * Multiprecision:
      + Make sure eval_convert_to() does not terminate with super large
        numbers, see 618.
      + Fix sinc implementation to match behavior of Boost.Math.
      + Fix divide-by-zero in cpp_int modulus operations.
      + Fix underflow behavior consistency for integers greater than 128-bits,
        see 626.
  * MySQL:
      + The long-deprecated functions query, start_query, execute_statement and
        start_statement_execution (and their async equivalents) have been
        removed.
      + Breaking changes to experimental APIs:
          o The identifier class (client-side SQL formatting) has been removed.
            Use the new format specifiers feature, instead.
          o The required interface for custom formatters has been changed to
            accomodate the new format specifiers API.
          o any_connection::async_connect now requires that its connect_params
            argument be kept alive until the operation completes. The overload
            taking a const connect_params* has been removed.
          o character_set::name is now a const char* instead of a string_view,
            as MySQL character set names can't contain NULL characters.
          o any_connection internal buffer is now limited to 64MB. If you need
            to read or write rows bigger than that, increase
            any_connection_params::max_buffer_size. connection and their helper
            typedefs are not limited.
          o Renamed any_connection_params::initial_read_buffer_size to
            initial_buffer_size.
          o Renamed pool_params::initial_read_buffer_size to
            initial_buffer_size.
      + New experimental API: pipelines. Pipelines can increase efficiency by
        coalescing several requests in a single network packet. Pipelines can
        be used to run text queries, prepare, execute and close statements,
        reset session state and set the connection's character set.
      + Client-side SQL formatting now supports ranges out of the box.
        Formatting can be further customized using the new sequence function.
        Use cases like batch inserts and batch lookups can be significantly
        simplified using this functionality.
      + Client-side SQL formatting now supports format specifiers which modify
        how values are formatted. {:i} formats a string as a dynamic SQL
        identifiers, and {:r} outputs a raw unescaped
      + The static interface (static_results and static_execution_state) now
        supports Boost.Pfr types using pfr_by_name and pfr_by_position. Added
        underlying_row_t to support such types.
      + date and datetime can now be constructed from and converted to C++20
        std::chrono::local_time.
      + Added any_connection_params::max_buffer_size, which allows to set a
        limit to the connection's internal buffer.
      + Added is_fatal_error, which allows users can now distinguish between
        fatal (which require closing and re-opening the connection) and
        non-fatal error codes.
      + Added formattable_ref, a type-erased reference type that can refer to
        any type satisfying the Formattable concept.
      + Fixed an ODR violation under MSVC which could cause crashes in release
        builds when using Boost.MySQL with other code also using asio::
        coroutine in different translation units.
  * Odeint:
      + Added CMake Option BOOST_NUMERIC_ODEINT_NO_ADAPTORS to reduce
        dependencies, see 82
      + Fixed CMake detection of MPI.
  * Process:
      + Moved the old boost.process to v1 subfolder and inline namespace.
        deprecated process/*.hpp v1 headers
      + Turned v2 into a compile library.
      + Fixed usage on alpine linux / musl
  * Stacktrace:
      + Big new feature: stacktrace from arbitrary exception for Windows. std::
        stacktrace::from_current_exception() now works on Windows platform.
        Many thanks to huangqinjin for the implementation PR#159 Now on POSIX
        and Windows the from_current_exception() function returns the
        stacktrace of the current exception object as if the stacktrace was
        captured at the point of throwing the exception.
      + Fixed inclusion of rarely used Windows SDK headers which can cause
        conflict with other code using Windows SDK. Thanks to Marat Abrarov for
        fixing the issue PR#157.
      + Build option boost.stacktrace.from_exception now properly works on
        MacOS. Thanks to Peter Dimov for the fix PR#166.
      + Fixed a typo in assert expression. Thanks to Kilian Henneberger for the
        bug report #164.
      + Fixed shadowing warnings. Thanks to Nigel Stewart for the bug report #
        141.
      + Added dladdr minimal support for AIX. Many thanks to Cl??ment Chigot
        for the implementation PR#114.
      + Added Boost::stacktrace CMake alias that refers to the best supported
        implementation of Boost.Stacktrace on the platform. Thanks to Alex for
        the feature PR#167.
      + Significant improvement of CMake: multiple fixes, added many new tests,
        improved CI. Many thanks to Peter Dimov for all the improvements.
      + Fix addr2line work when the process is looked up via PATH. Thanks to
        Schreischildkroete for the bug report and to Jens Richter for fix #72.
  * Test:
      + Fix -Wundef in configuration step.
      + Fix unreachable return compilation error on MSVC.
  * Unordered:
      + Added container pmr aliases when header <memory_resource> is available.
        The alias boost::unordered::pmr::[container] refers to boost::unordered
        ::[container] with a std::pmr::polymorphic_allocator allocator type.
      + Equipped open-addressing and concurrent containers to internally
        calculate and provide statistical metrics affected by the quality of
        the hash function. This functionality is enabled by the global macro
        BOOST_UNORDERED_ENABLE_STATS.
      + Avalanching hash functions must now be marked via an is_avalanching
        typedef with an embedded value constant set to true (typically,
        defining is_avalanching as std::true_type). using is_avalanching = void
        is deprecated but allowed for backwards compatibility.
      + Added Visual Studio Natvis framework custom visualizations for
        containers and iterators. This works for all containers with an
        allocator using raw pointers. In this release, containers and iterators
        are not supported if their allocator uses fancy pointers. This may be
        addressed in later releases.
  * UUID:
      + Major update.
      + C++03 is no longer supported, a C++11 compiler is required. (This
        includes GCC 4.8 or later, MSVC 14.0 (VS 2015) or later, and
        MinGW-w64.)
      + Decreased number of Boost dependencies from 39 (in total) to just 5.
      + Updated to reflect the newer RFC 9562.
      + Added generators for time-based UUIDs.
      + Many other improvements, see the revision history.
  * Wave:
      + Replaced one use of vsprintf with the more secure vsnprintf
      + Fixed bug:
          o #197: Improper signed overflow handling (UB and a missing division
            check)
  * WinAPI:
      + Added BOOST_USE_WINAPI_VERSION CMake option, which allows users to
        specify the Windows version for Boost to target.

Updated Tools

  * BoostBook:
      + DTD updated: constructor, copy-assignment and destructor elements are
        now allowed inside method-group elements.
      + Many fixes and improvements in Doxygen-generated documentation:
          o Fixed duplicate equal signs in Doxygen-generated enum value
            initializers.
          o Disabled alphabetical sorting of function arguments. The sorting
            can be re-enabled by setting the new boost.sort.params XSL
            parameter to 1.
          o Added support for custom class member grouping. See Doxygen tags @
            name and @{/@}.
          o Added support for Doxygen references to classes, methods, enums,
            variables, etc. (see @ref tag).
          o Added support for @remark and @Important tags.
          o Added support for @parblock tags, which can be used to place
            multiple paragraphs under a tag that expects a single paragraph as
            an argument (e.g. @returns).
          o Template parameter defaults that refer to implementation details
            are now concealed, similar to function parameter defaults.
          o Improved presentation of unnamed enums. Instead of showing a
            synthesized name such as @0, the name is either omitted or is [
            unnamed], if the name is necessary to introduce a link to the enum
            documentation.
          o Changed the "See Also" (@sa) blocks to be displayed inline, similar
            to "Returns".
          o Fixed presentation of multiple exception specifications (@throws).
          o Added support for free form description of throwing behavior. If
            the exception type after the @throws tag is "~" then the exception
            type is omitted from the output, and the following description is
            displayed directly in the "Throws" section.
          o Removed redundant spaces in return types and template parameters.
  * Build:
      + Includes release of B2 version 5.2.1.
github-actions bot pushed a commit that referenced this issue Oct 21, 2024
Looks like version 3.2.9, 3.2.10, 3.2.11, 3.3.0, 3.3.1 and 3.3.2 did not
released.  (All changes are described in 3.3.3's section.)

3.3.3 (2024-10-14)

Merged Pull Requests

* [Unix#run_command] Remove Ruby 1.8.7 check #242 (dafyddcrosby)
* [#239] Add execution time to Windows shellout object #247 (dafyddcrosby)
* Increase EPIPE test input size based on platform page size #241 (matoro)
* Adjustments for Chef Target Mode #243 (thheinen)
* Migrate from Chefstyle to Cookstyle #249 (dafyddcrosby)
* Fix execution in target mode with cwd parameter given #250 (thheinen)
* Fix execution of multiline inputs to target mode; Improve error output
  #248 (thheinen)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants