JEXL-435: do not coerce empty() operator overload to boolean;

apache · Dec 16, 2024 · 48dfac2 · 48dfac2
1 parent 7c0c90c
commit 48dfac2
Show file tree

Hide file tree

Showing 4 changed files with 92 additions and 133 deletions.
diff --git a/RELEASE-NOTES.txt b/RELEASE-NOTES.txt
@@ -1,126 +1,21 @@
 
-Apache Commons JEXL 3.4.0 Release Notes
-
-Introduction
-------------
-
-Apache Commons JEXL is a library facilitates the implementation of scripting features in
-        applications and frameworks written in Java.
-
-Java 8 is required.
-
-New features
-------------
-
-o JEXL-423:  Add support for instanceof / !instanceof 
-o JEXL-422:  Add strict equality (===) and inequality (!==) operators 
-o JEXL-421:  ArrayBuilder: array type should reflect common class of its entries 
-o JEXL-419:  Add permission syntax to allow class/method/field 
-o JEXL-418:  Add try-catch support Thanks to Xu Pengcheng. 
-o JEXL-408:  Using JexlFeatures is tedious Thanks to sebb. 
-o JEXL-404:  Support array-access safe navigation (x?[y]) Thanks to Xu Pengcheng. 
-o JEXL-401:  Captured variables should be read-only 
-o JEXL-398:  Allow 'trailing commas' or ellipsis while defining array, map and set literals Thanks to Xu Pengcheng. 
-o          Add Maven property project.build.outputTimestamp for build reproducibility. Thanks to Gary Gregory. 
-
-Fixed Bugs
-----------
-
-o JEXL-420:  Error while comparing float and string value Thanks to Xu Pengcheng. 
-o JEXL-417:  JexlArithmetic looses precision during arithmetic operator execution Thanks to Robert Lucas. 
-o JEXL-416:  Null-valued pragma throws NPE in 3.3 Thanks to William Price. 
-o JEXL-415:  Incorrect template eval result. Thanks to Xu Pengcheng. 
-o JEXL-414:  SoftCache may suffer from race conditions. Thanks to Holger Sunke. 
-o JEXL-412:  Ambiguous syntax between namespace function call and map object definition. Thanks to Xu Pengcheng. 
-o JEXL-410:  JexlFeatures: ctor does not enable all features. Thanks to sebb. 
-o JEXL-409:  Disable LEXICAL should disable LEXICAL_SHADE. Thanks to sebb. 
-o JEXL-405:  Recursive functions corrupt evaluation frame if reassigned. 
-o JEXL-403:  Exception while evaluating template literal used in array assignment in loop. Thanks to Xu Pengcheng. 
-o JEXL-402:  Parse failed with empty return value. Thanks to Xu Pengcheng. 
-o          [StepSecurity] ci: Harden GitHub Actions #180. Thanks to step-security-bot, Gary Gregory. 
-o          Guard logging calls. Thanks to PMD, Gary Gregory. 
-o          Deprecate SimpleNode.SimpleNode(Parser, int) in favor of SimpleNode.SimpleNode(int). Thanks to PMD, Gary Gregory. 
-o          Deprecate JexlNode.JexlNode(Parser, int) in favor of JexlNode.JexlNode(int). Thanks to PMD, Gary Gregory. 
-
-Changes
--------
-
-o          Bump commons-parent from 67 to 69. Thanks to dependabot. 
-o          Bump github actions. Thanks to dependabot. 
-o          Bump commons-parent from 57 to 70. Thanks to Gary Gregory, Dependabot. 
-o          Bump org.ow2.asm:asm from 9.5 to 9.7 #200, #242. Thanks to dependabot. 
-o          Bump commons-logging from 1.2 to 1.3.2 #241, #255. Thanks to Gary Gregory, Dependabot. 
-o          Bump com.google.code.gson:gson from 2.10.1 to 2.11.0 #258. Thanks to Gary Gregory, Dependabot. 
-
-
-Historical list of changes: https://commons.apache.org/proper/commons-jexl/changes-report.html
-
-For complete information on Apache Commons JEXL, including instructions on how to submit bug reports,
-patches, or suggestions for improvement, see the Apache Commons JEXL website:
-
-https://commons.apache.org/proper/commons-jexl/
-
-Download page: https://commons.apache.org/proper/commons-jexl/download_jexl.cgi
-
-Have fun!
--Apache Commons Team
-
-------------------------------------------------------------------------------
-
+                            Apache Commons JEXL
+                                Version 3.4.1
+                               Release Notes
 
-Apache Commons JEXL 3.4.0 Release Notes
 
-Introduction
-------------
+INTRODUCTION:
+=============
 
-Apache Commons JEXL is a library facilitates the implementation of scripting features in
+JEXL is a library intended to facilitate the implementation of dynamic and scripting features in
 applications and frameworks written in Java.
 
-Java 8 is required.
+JEXL implements an Expression Language based on some extensions to the JSTL Expression Language supporting most of the
+constructs seen in shell-script or ECMAScript.
 
-New features
-------------
-
-o JEXL-423:  Add support for instanceof / !instanceof 
-o JEXL-422:  Add strict equality (===) and inequality (!==) operators 
-o JEXL-421:  ArrayBuilder: array type should reflect common class of its entries 
-o JEXL-419:  Add permission syntax to allow class/method/field 
-o JEXL-418:  Add try-catch support Thanks to Xu Pengcheng. 
-o JEXL-408:  Using JexlFeatures is tedious Thanks to sebb. 
-o JEXL-404:  Support array-access safe navigation (x?[y]) Thanks to Xu Pengcheng. 
-o JEXL-401:  Captured variables should be read-only 
-o JEXL-398:  Allow 'trailing commas' or ellipsis while defining array, map and set literals Thanks to Xu Pengcheng. 
-o            Add Maven property project.build.outputTimestamp for build reproducibility. Thanks to Gary Gregory. 
-
-Fixed Bugs
-----------
-
-o JEXL-420:  Error while comparing float and string value Thanks to Xu Pengcheng. 
-o JEXL-417:  JexlArithmetic looses precision during arithmetic operator execution Thanks to Robert Lucas. 
-o JEXL-416:  Null-valued pragma throws NPE in 3.3 Thanks to William Price. 
-o JEXL-415:  Incorrect template eval result. Thanks to Xu Pengcheng. 
-o JEXL-414:  SoftCache may suffer from race conditions. Thanks to Holger Sunke. 
-o JEXL-412:  Ambiguous syntax between namespace function call and map object definition. Thanks to Xu Pengcheng. 
-o JEXL-410:  JexlFeatures: ctor does not enable all features. Thanks to sebb. 
-o JEXL-409:  Disable LEXICAL should disable LEXICAL_SHADE. Thanks to sebb. 
-o JEXL-405:  Recursive functions corrupt evaluation frame if reassigned. 
-o JEXL-403:  Exception while evaluating template literal used in array assignment in loop. Thanks to Xu Pengcheng. 
-o JEXL-402:  Parse failed with empty return value. Thanks to Xu Pengcheng. 
-o            [StepSecurity] ci: Harden GitHub Actions #180. Thanks to step-security-bot, Gary Gregory. 
-o            Guard logging calls. Thanks to PMD, Gary Gregory. 
-o            Deprecate SimpleNode.SimpleNode(Parser, int) in favor of SimpleNode.SimpleNode(int). Thanks to PMD, Gary Gregory. 
-o            Deprecate JexlNode.JexlNode(Parser, int) in favor of JexlNode.JexlNode(int). Thanks to PMD, Gary Gregory. 
-
-Changes
--------
-
-o          Bump commons-parent from 67 to 69. Thanks to dependabot. 
-o          Bump github actions. Thanks to dependabot. 
-o          Bump commons-parent from 57 to 70. Thanks to Gary Gregory, Dependabot. 
-o          Bump org.ow2.asm:asm from 9.5 to 9.7 #200, #242. Thanks to dependabot. 
-o          Bump commons-logging from 1.2 to 1.3.2 #241, #255. Thanks to Gary Gregory, Dependabot. 
-o          Bump com.google.code.gson:gson from 2.10.1 to 2.11.0 #258. Thanks to Gary Gregory, Dependabot. 
+Its goal is to expose scripting features usable by technical operatives or consultants working with enterprise platforms.
 
+Java 8 is required.
 
 Historical list of changes: https://commons.apache.org/proper/commons-jexl/changes-report.html
 
@@ -134,27 +29,48 @@ Download page: https://commons.apache.org/proper/commons-jexl/download_io.cgi
 Have fun!
 -Apache Commons Team
 
-------------------------------------------------------------------------------
-
-
-                            Apache Commons JEXL
-                                Version 3.4
-                               Release Notes
-
+========================================================================================================================
+Release 3.4.1
+========================================================================================================================
 
-INTRODUCTION:
-=============
+Version 3.4.1 is a minor release.
 
-JEXL is a library intended to facilitate the implementation of dynamic and scripting features in
-applications and frameworks written in Java.
+Compatibility with previous releases
+====================================
+Version 3.4.1 is source and binary compatible with 3.4.
 
-JEXL implements an Expression Language based on some extensions to the JSTL Expression Language supporting most of the
-constructs seen in shell-script or ECMAScript.
 
-Its goal is to expose scripting features usable by technical operatives or consultants working with enterprise platforms.
+What's new in 3.4.1:
+====================
+Operator overloading has been enhanced so that overloading compare() will benefit all comparison operators.
+A feature flag has been introduced to allow pass-by-reference of captured variables closely mimicking
+EcmaScript behavior.
 
+New Features in 3.4.1:
+======================
+* JEXL-428:     Make Comparable object high priority while comparing
+* JEXL-427:     Avoid coercing logical expressions to boolean
+* JEXL-426:     Enable pass-by-reference for Captured Variables
 
-  https://commons.apache.org/jexl/
+Bugs Fixed in 3.4.1:
+====================
+* JEXL-435:     Changed behavior of empty operator overloading
+* JEXL-434:     The safe-access array operator is not safe
+* JEXL-433:     Debugger does not accept empty return statement
+* JEXL-432:     Namespace functors are not cleared when the classloader is updated
+* JEXL-431:     Parse error with variables declared in a catch clause
+* JEXL-429:     Ternary expression regression
+* JEXL-425:     Multiline format literals does not always return string
+
+Changes in 3.4.1:
+=================
+o               Replace NumberParser use of Locale.ENGLISH with Locale.ROOT
+o               Bump org.apache.commons:commons-parent from 71 to 78
+o               Bump commons-logging:commons-logging from 1.3.2 to 1.3.4
+o               Bump org.codehaus.mojo:animal-sniffer-maven-plugin from 1.23 to 1.24
+o               Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.17.0
+o               Bump org.hamcrest:hamcrest from 2.2 to 3.0
+o               Bump org.ow2.asm:asm from 9.7 to 9.7.1
 
 ========================================================================================================================
 Release 3.4
@@ -185,6 +101,7 @@ New Features in 3.4:
 * JEXL-404:     Support array-access safe navigation (x?[y])
 * JEXL-401:     Captured variables should be read-only
 * JEXL-398:     Allow 'trailing commas' or ellipsis while defining array, map and set literals
+o               Add Maven property project.build.outputTimestamp for build reproducibility. Thanks to Gary Gregory.
 
 Bugs Fixed in 3.4:
 ==================
@@ -199,6 +116,19 @@ Bugs Fixed in 3.4:
 * JEXL-405:     Recursive functions corrupt evaluation frame if reassigned
 * JEXL-403:     Exception while evaluating template literal used in array assignment in loop.
 * JEXL-402:     parse failed with empty return value.
+o               [StepSecurity] ci: Harden GitHub Actions #180. Thanks to step-security-bot, Gary Gregory.
+o               Guard logging calls. Thanks to PMD, Gary Gregory.
+o               Deprecate SimpleNode.SimpleNode(Parser, int) in favor of SimpleNode.SimpleNode(int). Thanks to PMD, Gary Gregory.
+o               Deprecate JexlNode.JexlNode(Parser, int) in favor of JexlNode.JexlNode(int). Thanks to PMD, Gary Gregory.
+
+Changes in 3.4:
+===============
+o              Bump commons-parent from 67 to 69. Thanks to dependabot.
+o              Bump github actions. Thanks to dependabot.
+o              Bump commons-parent from 57 to 70. Thanks to Gary Gregory, Dependabot.
+o              Bump org.ow2.asm:asm from 9.5 to 9.7 #200, #242. Thanks to dependabot.
+o              Bump commons-logging from 1.2 to 1.3.2 #241, #255. Thanks to Gary Gregory, Dependabot.
+o              Bump com.google.code.gson:gson from 2.10.1 to 2.11.0 #258. Thanks to Gary Gregory, Dependabot.
 
 ========================================================================================================================
 Release 3.3

diff --git a/src/changes/changes.xml b/src/changes/changes.xml
@@ -29,14 +29,17 @@
     <body>
         <release version="3.4.1" date="YYYY-MM-DD" description="This is a feature and maintenance release. Java 8 or later is required.">
           <!-- FIX -->
+            <action dev="henrib" type="fix" issue="JEXL-435" due-to="Vincent Bussol">
+                Changed behavior of empty operator overloading
+            </action>Action>
             <action dev="henrib" type="fix" issue="JEXL-434" due-to="Vincent Bussol">
                 The safe-access array operator is not safe
             </action>
             <action dev="henrib" type="fix" issue="JEXL-433" due-to="Vincent Bussol">
                 Debugger does not accept empty return statement
             </action>
             <action dev="henrib" type="fix" issue="JEXL-432" due-to="Vincent Bussol">
-                PNamespace functors are not cleared when the classloader is updated
+                Namespace functors are not cleared when the classloader is updated
             </action>
             <action dev="henrib" type="fix" issue="JEXL-431" due-to="Vincent Bussol">
                 Parse error with variables declared in a catch clause
@@ -47,7 +50,9 @@
             <action dev="henrib" type="fix" issue="JEXL-425" due-to="Xu Pengcheng">
                 Multiline format literals does not always return string
             </action>
-          <action type="fix" dev="ggregory" due-to="Gary Gregory">Replace NumberParser use of Locale.ENGLISH with Locale.ROOT.</action>
+            <action type="fix" dev="ggregory" due-to="Gary Gregory">
+              Replace NumberParser use of Locale.ENGLISH with Locale.ROOT.
+            </action>
           <!-- ADD -->
             <action dev="henrib" type="add" issue="JEXL-428" due-to="Xu Pengcheng">
                 Make Comparable object high priority while comparing

diff --git a/src/main/java/org/apache/commons/jexl3/internal/Operator.java b/src/main/java/org/apache/commons/jexl3/internal/Operator.java
@@ -291,7 +291,7 @@ public Object empty(final JexlCache.Reference node, final Object object) {
                 }
             }
         }
-        return !(result instanceof Boolean) || (Boolean) result;
+        return result;
     }
 
     @Override

diff --git a/src/test/java/org/apache/commons/jexl3/Issues400Test.java b/src/test/java/org/apache/commons/jexl3/Issues400Test.java
@@ -555,5 +555,29 @@ void test434() {
         assertNotNull(script);
         final Object result = script.execute(null);
         assertNull(result);
+
+    }
+
+    public static class Arithmetic435 extends JexlArithmetic {
+        public Arithmetic435(boolean strict) {
+            super(strict);
+        }
+        public Object empty(String type) {
+            if ("list".equals(type)) {
+                return Collections.emptyList();
+            }
+            return null;
+        }
+    }
+
+    @Test
+    void test() {
+        JexlArithmetic arithmetic = new Arithmetic435(true);
+        JexlEngine jexl = new JexlBuilder().arithmetic(arithmetic).create();
+        final String src = "empty('list')";
+        final JexlScript script = jexl.createScript(src);
+        assertNotNull(script);
+        final Object result = script.execute(null);
+        assertInstanceOf(List.class, result);
     }
 }
-Original file line number
+Diff line change
@@ Expand Up @@
                     }
                 }
             }
-            return !(result instanceof Boolean) || (Boolean) result;
+            return result;
         }
         @Override
@@ Expand Down @@