Build: #11 was successful
Job: RPM Workflow was successful
Code commits
Openfire (master)
-
daryl herzmann <akrherz@iastate.edu> ee4395e4bc7fffc372060c916e9c143da0466984
Merge pull request #2191 from guusdk/release_4.7.5
Denote Openfire 4.7.5 Release -
Guus der Kinderen fa381296a8a246130056fca653d098592776b493
Denote Openfire 4.7.5 Release
- distribution/pom.xml (version fa381296a8a246130056fca653d098592776b493)
- i18n/pom.xml (version fa381296a8a246130056fca653d098592776b493)
- plugins/openfire-plugin-assembly-descriptor/pom.xml (version fa381296a8a246130056fca653d098592776b493)
- plugins/pom.xml (version fa381296a8a246130056fca653d098592776b493)
- pom.xml (version fa381296a8a246130056fca653d098592776b493)
- starter/pom.xml (version fa381296a8a246130056fca653d098592776b493)
- xmppserver/changelog.html (version fa381296a8a246130056fca653d098592776b493)
- xmppserver/pom.xml (version fa381296a8a246130056fca653d098592776b493)
- xmppserver/src/main/java/org/jivesoftware/openfire/spi/XMPPServerInfoImpl.java (version fa381296a8a246130056fca653d098592776b493)
-
Alex Gidman <alex.gidman@surevine.com> 71f3def2adeaac62729cf544b645c6819c3d9868
fix: OF-2595 - add remaining test pages to excludes
- xmppserver/src/main/java/org/jivesoftware/util/JiveGlobals.java (version 71f3def2adeaac62729cf544b645c6819c3d9868)
-
Alex Gidman <alex.gidman@surevine.com> 136cffc9ac23d6a727aa10d4e51d454351d9c0c9
fix: OF-2599 - remove explicit setup paths from AuthCheckFilter excludes once setup has been completed
- xmppserver/src/main/java/org/jivesoftware/admin/AuthCheckFilter.java (version 136cffc9ac23d6a727aa10d4e51d454351d9c0c9)
-
Alex Gidman <alex.gidman@surevine.com> b70aae09c41e2774845e9d73204dad4eaf6805de
fix: OF-2599 - remove setup pages from AuthCheckFilter excludes once setup completed
- xmppserver/src/main/java/org/jivesoftware/admin/AuthCheckFilter.java (version b70aae09c41e2774845e9d73204dad4eaf6805de)
-
Alex Gidman <alex.gidman@surevine.com> a3b5ebd5032ff7be9d3ada5bf52bea2df96ec881
fix: OF-2595 resolve merge conflicts
- i18n/src/main/resources/openfire_i18n.properties (version a3b5ebd5032ff7be9d3ada5bf52bea2df96ec881)
- xmppserver/src/main/java/org/jivesoftware/admin/AuthCheckFilter.java (version a3b5ebd5032ff7be9d3ada5bf52bea2df96ec881)
- xmppserver/src/main/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java (version a3b5ebd5032ff7be9d3ada5bf52bea2df96ec881)
-
Matthew Vivian <matthew.vivian@surevine.com> 139c7c215130c8930801d536b2dfa747e48867fa
OF-2597 Rename config option for wildcards in auth-exclusions
Improves the name used for the system property that controls whether wildcards are allowed in URLs that are excluded from auth checks.- i18n/src/main/resources/openfire_i18n.properties (version 139c7c215130c8930801d536b2dfa747e48867fa)
- xmppserver/src/main/java/org/jivesoftware/admin/AuthCheckFilter.java (version 139c7c215130c8930801d536b2dfa747e48867fa)
-
Brent Slater <brent.slater@surevine.com> 8e8f00aa0d3cf5d611c39b943b9702ecb6f17ffa
OF-2597 omits UTF-16 encoded dots
- xmppserver/src/main/java/org/jivesoftware/admin/AuthCheckFilter.java (version 8e8f00aa0d3cf5d611c39b943b9702ecb6f17ffa)
- xmppserver/src/test/java/org/jivesoftware/admin/AuthCheckFilterTest.java (version 8e8f00aa0d3cf5d611c39b943b9702ecb6f17ffa)
-
Danny Jackson <danny.jackson@surevine.com> bef928fc92d0c0185ee8a8408b7c33e5170ae395
OF-2598 - Removes wildcard for AuthCheckFilter and replaces with list of setup pages
- xmppserver/src/main/webapp/WEB-INF/web.xml (version bef928fc92d0c0185ee8a8408b7c33e5170ae395)
- xmppserver/src/test/java/org/jivesoftware/util/WebXmlUtilsTest.java (version bef928fc92d0c0185ee8a8408b7c33e5170ae395)
- xmppserver/src/test/resources/org/jivesoftware/util/test-web.xml (version bef928fc92d0c0185ee8a8408b7c33e5170ae395)
-
Alex Gidman <alex.gidman@surevine.com> d0d04efa5d15ed35589296d583743dbfccb7888b
fix: OF-2599 - re-initialise the excludes set on AuthCheckFilter destroy
- xmppserver/src/main/java/org/jivesoftware/admin/AuthCheckFilter.java (version d0d04efa5d15ed35589296d583743dbfccb7888b)
-
Brent Slater <brent.slater@surevine.com> 9c8e51472d6e98aea615ff927e3c7540be4c2eb1
OF-2597 checks for valid UTF-8 encoding of URL if fails then wont redirect
- xmppserver/src/main/java/org/jivesoftware/admin/AuthCheckFilter.java (version 9c8e51472d6e98aea615ff927e3c7540be4c2eb1)
- xmppserver/src/test/java/org/jivesoftware/admin/AuthCheckFilterTest.java (version 9c8e51472d6e98aea615ff927e3c7540be4c2eb1)
-
Guus der Kinderen 9559afb27fe6257eb75bd6743a9e457d50fad2f1
OF-2597: Adjust unit test for new property
- xmppserver/src/test/java/org/jivesoftware/admin/AuthCheckFilterTest.java (version 9559afb27fe6257eb75bd6743a9e457d50fad2f1)
-
Alex Gidman <alex.gidman@surevine.com> 4db08f3c2399abe026d16ca78565f3734d09087c
chore: OF-2599 - standardise approach to exclude add / remove
- xmppserver/src/main/java/org/jivesoftware/admin/AuthCheckFilter.java (version 4db08f3c2399abe026d16ca78565f3734d09087c)
-
Alex Gidman <alex.gidman@surevine.com> 2ac00a1ff42f5d3547ef58e21f8cdec992bfcf97
fix: OF-2595 - add ldap-server_test to excludes
- xmppserver/src/main/java/org/jivesoftware/util/JiveGlobals.java (version 2ac00a1ff42f5d3547ef58e21f8cdec992bfcf97)
-
Brent Slater <brent.slater@surevine.com> dc80523b8b5947f82cd5a1cfa335918cd1e2be0f
OF-2597 added check for encoded .. as well as what was alerady there
- xmppserver/src/main/java/org/jivesoftware/admin/AuthCheckFilter.java (version dc80523b8b5947f82cd5a1cfa335918cd1e2be0f)
- xmppserver/src/test/java/org/jivesoftware/admin/AuthCheckFilterTest.java (version dc80523b8b5947f82cd5a1cfa335918cd1e2be0f)
-
Alex Gidman <alex.gidman@surevine.com> 446fcac154ad689b206297ec22beb0bc013570ed
fix: OF-2599 - switch to load setup excludes programmatically at runtime if in setup mode
- xmppserver/src/main/java/org/jivesoftware/admin/AuthCheckFilter.java (version 446fcac154ad689b206297ec22beb0bc013570ed)
- xmppserver/src/main/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java (version 446fcac154ad689b206297ec22beb0bc013570ed)
- xmppserver/src/main/java/org/jivesoftware/util/JiveGlobals.java (version 446fcac154ad689b206297ec22beb0bc013570ed)
- xmppserver/src/main/webapp/WEB-INF/web.xml (version 446fcac154ad689b206297ec22beb0bc013570ed)
-
Matthew Vivian <matthew.vivian@surevine.com> 558a86c02a3c4b0bbf8d4b7d57ac4b6879604e11
OF-2597 Adds config option for wildcards in auth-exclusions
Adds a new configuration option (SystemProperty<Boolean>) that controls whether wildcards can be used in auth-exclusions. Changes to the property value do not require a restart to become effective. The default value for this property is to disallow wildcard usage.
Wildcards should not be used when configuration auth-exclusions. They are easily abused.
It cannot be ruled out that existing versions of third-party code (such as plugins) depend on the ability to use wildcards in auth-exclusions. Wildcards should therefor remain usable - but perhaps not by default.- i18n/src/main/resources/openfire_i18n.properties (version 558a86c02a3c4b0bbf8d4b7d57ac4b6879604e11)
- xmppserver/src/main/java/org/jivesoftware/admin/AuthCheckFilter.java (version 558a86c02a3c4b0bbf8d4b7d57ac4b6879604e11)
- xmppserver/src/test/java/org/jivesoftware/admin/AuthCheckFilterTest.java (version 558a86c02a3c4b0bbf8d4b7d57ac4b6879604e11)
-
Guus der Kinderen 4025ae8a862d983b3bcc50185e89c23e1229a44f
OF-2538: Only delete true child properties
When deleting a property, its child properties are expected to be deleted.
The original code would also delete properties that shared a common prefix. That is fixed by this commit.- xmppserver/src/main/java/org/jivesoftware/util/JiveProperties.java (version 4025ae8a862d983b3bcc50185e89c23e1229a44f)
-
Guus der Kinderen 9120161d16c220d98ec0c9560c104e2ec93e78c7
OF-2508: Nodeprep room name when creating through Ad-hoc command
Openfire provides an ad-hoc command that can be used to create a room. Openfire must ensure that room name values provided through that command are properly normalized (nodeprepped).- xmppserver/src/main/java/org/jivesoftware/openfire/commands/admin/muc/CreateMUCRoom.java (version 9120161d16c220d98ec0c9560c104e2ec93e78c7)
-
Guus der Kinderen 51d81c6bb2c72c43917834297a87d4639780363c
OF-2459: Tweaks to Admin Console css
- xmppserver/src/main/webapp/muc-room-edit-form.jsp (version 51d81c6bb2c72c43917834297a87d4639780363c)
- xmppserver/src/main/webapp/style/global.css (version 51d81c6bb2c72c43917834297a87d4639780363c)
-
Guus der Kinderen 656236ea3d85c94da05c9316e36ea66736c1c776
OF-2464: Admin console needs not define a locale
- xmppserver/src/main/webapp/WEB-INF/web.xml (version 656236ea3d85c94da05c9316e36ea66736c1c776)
- xmppserver/src/test/resources/org/jivesoftware/util/test-web.xml (version 656236ea3d85c94da05c9316e36ea66736c1c776)
-
Guus der Kinderen c2ccb69c2f88dce338eb54b9c3f4c0a13f28a92a
OF-2462: Do not skip stringprep in S2S
Openfire should not assume that JIDs in stanzas supplied by remote domains are stringprepped. It should apply stringprepping itself.
The property `xmpp.server.incoming.skip-jid-validation` can be used to control this behavior.- i18n/src/main/resources/openfire_i18n.properties (version c2ccb69c2f88dce338eb54b9c3f4c0a13f28a92a)
- xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerStanzaHandler.java (version c2ccb69c2f88dce338eb54b9c3f4c0a13f28a92a)
-
Guus der Kinderen b1977c03b20dfda9fefe6b57bc4bf34aa42453ea
Limit aioxmpp's python to 3.11.2
Python 3.11.3 triggers this error when running aioxmpp:
`AttributeError: 'XSOEnumMixin' object has no attribute 'name'`
Fix python to 3.11.2 to prevent the issue from occurring.
More information in https://github.com/horazont/aioxmpp/issues/391- .github/workflows/continuous-integration-workflow.yml (version b1977c03b20dfda9fefe6b57bc4bf34aa42453ea)
-
Dan Caseley <dan@caseley.me.uk> 61875d2020f562e0db020cc9bdf446dc32820976
OF-2589 Exclude protobuf-java from mysql-connector-j
Since we don't need X DevAPI features- build/ci/updater/pom.xml (version 61875d2020f562e0db020cc9bdf446dc32820976)
- xmppserver/pom.xml (version 61875d2020f562e0db020cc9bdf446dc32820976)
-
Dan Caseley <dan@caseley.me.uk> 3417f2a3942de1273b771c50822c1c4f80914ec7
OF-2588 Upgrade mssql-jdbc from 7.4.1-java8 to 9.4.1-jre8
- build/ci/updater/pom.xml (version 3417f2a3942de1273b771c50822c1c4f80914ec7)
- xmppserver/pom.xml (version 3417f2a3942de1273b771c50822c1c4f80914ec7)
-
Dan Caseley <dan@caseley.me.uk> 1b98ea6679d210687726bf178794b14eb3d241e6
OF-2587 Upgrade TwelveMonkeys image-io extensions from 3.5 to 3.9.4
- xmppserver/pom.xml (version 1b98ea6679d210687726bf178794b14eb3d241e6)
-
Dan Caseley <dan@caseley.me.uk> 78f1e81a332df36405f381e7bb3b07e3c3d7cc01
OF-2586 Update mysql-connector from 8.0.28 to 8.0.32
- build/ci/updater/pom.xml (version 78f1e81a332df36405f381e7bb3b07e3c3d7cc01)
- xmppserver/pom.xml (version 78f1e81a332df36405f381e7bb3b07e3c3d7cc01)
-
Dan Caseley <dan@caseley.me.uk> 4c8c331c876acdf9afef2515be4479f837ad01c8
OF-2585 Bump commons-fileupload from 1.4 to 1.5
- xmppserver/pom.xml (version 4c8c331c876acdf9afef2515be4479f837ad01c8)
-
Dan Caseley <dan@caseley.me.uk> 974ede53bddb8eccb6aef28c4e53209b472e98d8
OF-2585 Add safety limit for uploading plugin files
Recommended mitigation for CVE-2023-24998- xmppserver/src/main/webapp/plugin-admin.jsp (version 974ede53bddb8eccb6aef28c4e53209b472e98d8)
-
Dan Caseley <dan@caseley.me.uk> 07b62be169c74c04d18ef95578d54b29f2a6b5cc
OF-2584 Suppress new/old Guava vulnerability
Guava has vulnerability related to permissions on a temp directory (https://github.com/google/guava/issues/4011) but we don't use that method. This wasn't flagged by the previous version of dependency-check-maven, as it'd been assumed fixed in Guava.- .dependency-check-suppressions.xml (version 07b62be169c74c04d18ef95578d54b29f2a6b5cc)
-
Dan Caseley <dan@caseley.me.uk> 2739e48b5577ae6079e3e441bc89d159b6974ded
OF-2584 Update dependency-check-maven from 6.2.2 to 8.1.2
- pom.xml (version 2739e48b5577ae6079e3e441bc89d159b6974ded)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> a1a1407ba04b9201b6237d0fe60863082a8d809d
OF-2493: bump postgresql from 42.3.3 to 42.4.1 in /xmppserver
Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.3.3 to 42.4.1.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pgjdbc/pgjdbc/compare/REL42.3.3...REL42.4.1)
---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>- xmppserver/pom.xml (version a1a1407ba04b9201b6237d0fe60863082a8d809d)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 866413d638160f997defc007148574994ba9e5a1
OF-2493: bump postgresql from 42.3.3 to 42.4.1 in /build/ci/updater
Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.3.3 to 42.4.1.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pgjdbc/pgjdbc/compare/REL42.3.3...REL42.4.1)
---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>- build/ci/updater/pom.xml (version 866413d638160f997defc007148574994ba9e5a1)
-
daryl herzmann <akrherz@iastate.edu> a1d8d2a7e69e9905cab43f10f0f85f5c99e498a2
CI: run on ubuntu-latest (#2185)
- .github/workflows/continuous-integration-workflow.yml (version a1d8d2a7e69e9905cab43f10f0f85f5c99e498a2)
-
akrherz <akrherz@iastate.edu> 22c659ff76dc815db7263ff03329c8f58c65c48b
OF-2575 fix text formatting for inband reg
- xmppserver/src/main/webapp/reg-settings.jsp (version 22c659ff76dc815db7263ff03329c8f58c65c48b)
-
akrherz <akrherz@iastate.edu> 7c5daba6874c9b7a0f544e29d588b4c8f7038e5c
aioxmpp: pip install pytz
- runAioxmppIntegrationTests (version 7c5daba6874c9b7a0f544e29d588b4c8f7038e5c)
-
Dan Caseley <dan@caseley.me.uk> 21adca458e4b61870e1311b73882b9514b4afb27
Try matching upstream dependency installation method
- runAioxmppIntegrationTests (version 21adca458e4b61870e1311b73882b9514b4afb27)
-
Dan Caseley <dan@caseley.me.uk> 24557159f8824f21e84c37406f31c0a64f2e3333
Bump python version for aioxmpp
- .github/workflows/continuous-integration-workflow.yml (version 24557159f8824f21e84c37406f31c0a64f2e3333)
- runAioxmppIntegrationTests (version 24557159f8824f21e84c37406f31c0a64f2e3333)
-
Guus der Kinderen f7e9f97f3cd83f640cc0865821fd1ca10eed13d5
OF-2561: Fix fallback for ConnectionListener 'verify'
This fixes a bug that occurs when the verifyCertificateValidity call of a ConnectionListener is delegated to a fall-back ConnectionListener.- xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionListener.java (version f7e9f97f3cd83f640cc0865821fd1ca10eed13d5)
-
Guus der Kinderen 15d16a8acd09b08f2e62e4e49ac695592085b419
OF-2539: Improve naming of threads
This overrides the default name (pool-x-thread-y) used for threads generated by an executor service to something that is more identifiable. Should not introduce functional changes.- xmppserver/src/main/java/org/jivesoftware/openfire/Channel.java (version 15d16a8acd09b08f2e62e4e49ac695592085b419)
- xmppserver/src/main/java/org/jivesoftware/openfire/container/PluginMonitor.java (version 15d16a8acd09b08f2e62e4e49ac695592085b419)
- xmppserver/src/main/java/org/jivesoftware/openfire/crowd/CrowdGroupProvider.java (version 15d16a8acd09b08f2e62e4e49ac695592085b419)
- xmppserver/src/main/java/org/jivesoftware/openfire/crowd/CrowdUserProvider.java (version 15d16a8acd09b08f2e62e4e49ac695592085b419)
- xmppserver/src/main/java/org/jivesoftware/openfire/keystore/CertificateStoreWatcher.java (version 15d16a8acd09b08f2e62e4e49ac695592085b419)
- xmppserver/src/main/java/org/jivesoftware/openfire/muc/spi/MultiUserChatServiceImpl.java (version 15d16a8acd09b08f2e62e4e49ac695592085b419)
- xmppserver/src/main/java/org/jivesoftware/openfire/server/OutgoingSessionPromise.java (version 15d16a8acd09b08f2e62e4e49ac695592085b419)
- xmppserver/src/main/java/org/jivesoftware/util/SAXReaderUtil.java (version 15d16a8acd09b08f2e62e4e49ac695592085b419)
-
Guus der Kinderen 949a769686911dbdee8bee65346a917abb1cc8ac
OF-2543: When retrieving pubsub items, always include payload
The pubsub node configuration option `pubsub#deliver_payloads` is defined in XEP-0060 to control if payloads are included in pubsub notification events. Openfire should not use it to determine if payloads are to be included when answering item retrievals (those should _always_ have payloads, if they exist on the item).- xmppserver/src/main/java/org/jivesoftware/openfire/pubsub/LeafNode.java (version 949a769686911dbdee8bee65346a917abb1cc8ac)
- xmppserver/src/main/java/org/jivesoftware/openfire/pubsub/PubSubEngine.java (version 949a769686911dbdee8bee65346a917abb1cc8ac)
-
Guus der Kinderen 43b1d10ef7e0015b74f4ae3718bcaeb61668b45e
OF-2541: Update Maven SCM from SVN to GIT
- plugins/pom.xml (version 43b1d10ef7e0015b74f4ae3718bcaeb61668b45e)
-
akrherz <akrherz@iastate.edu> 96ea10a04a9bc5660d52d4bacee9495c4cbce985
march toward 4.7.5-SNAPSHOT
- distribution/pom.xml (version 96ea10a04a9bc5660d52d4bacee9495c4cbce985)
- i18n/pom.xml (version 96ea10a04a9bc5660d52d4bacee9495c4cbce985)
- plugins/openfire-plugin-assembly-descriptor/pom.xml (version 96ea10a04a9bc5660d52d4bacee9495c4cbce985)
- plugins/pom.xml (version 96ea10a04a9bc5660d52d4bacee9495c4cbce985)
- pom.xml (version 96ea10a04a9bc5660d52d4bacee9495c4cbce985)
- starter/pom.xml (version 96ea10a04a9bc5660d52d4bacee9495c4cbce985)
- xmppserver/pom.xml (version 96ea10a04a9bc5660d52d4bacee9495c4cbce985)
- xmppserver/src/main/java/org/jivesoftware/openfire/spi/XMPPServerInfoImpl.java (version 96ea10a04a9bc5660d52d4bacee9495c4cbce985)
-
akrherz <akrherz@iastate.edu> ab13d6b8c08367d6c43ac7069a050ebe3f8ff21a
fix missing ] in changelog
- xmppserver/changelog.html (version ab13d6b8c08367d6c43ac7069a050ebe3f8ff21a)