jackson-core/jackson-core.changes

304 lines
14 KiB
Plaintext

-------------------------------------------------------------------
Mon Aug 21 13:05:24 UTC 2023 - Fridrich Strba <fstrba@suse.com>
- Update to 2.15.2
* 2.15.2 (30-May-2023)
+ #1019: Allow override of 'StreamReadContraints' default with
'overrideDefaultStreamReadConstraints()'
+ #1027: Extra module-info.class in 2.15.1
+ #1028: Wrong checksums in 'module.json' (2.15.0, 2.15.1)
+ #1032: 'LICENSE' missing from 2.15.1 jar
* 2.15.1 (16-May-2023))
+ #999: Gradle metadata for 'jackson-core' '2.15.0' adds
dependency on 'ch.randelshofer:fastdoubleparser'
+ #1003: Add FastDoubleParser section to 'NOTICE'
+ #1014: Increase default max allowed String value length from
5 megs to 20 megs
+ #1023: Problem with 'FilteringGeneratorDelegate' wrt
'TokenFilter.Inclusion.INCLUDE_NON_NULL'
* 2.15.0 (23-Apr-2023)
+ #827: Add numeric value size limits via
'StreamReadConstraints' (fixes 'sonatype-2022-6438')
+ #844: Add SLSA provenance via build script
+ #851: Add 'StreamReadFeature.USE_FAST_BIG_DECIMAL_PARSER' to
enable faster 'BigDecimal', 'BigInteger' parsing
+ #863: Add 'StreamReadConstraints' limit for longest textual
value to allow (default: 5M)
+ #865: Optimize parsing 19 digit longs
+ #898: Possible flaw in 'TokenFilterContext#skipParentChecks()'
+ #902: Add 'Object JsonParser.getNumberValueDeferred()' method
to allow for deferred decoding in some cases
+ #921: Add 'JsonFactory.Feature.CHARSET_DETECTION' to disable
charset detection
+ #948: Use 'StreamConstraintsException' in name canonicalizers
+ #962: Offer a way to directly set 'StreamReadConstraints' via
'JsonFactory' (not just Builder)
+ #965: 2.15.0-rc1 missing Gradle module metadata marker in
pom.xml
+ #968: Prevent inefficient internal conversion from
'BigDecimal' to 'BigInteger' wrt ultra-large scale
+ #984: Add 'JsonGenerator.copyCurrentEventExact' as alternative
to 'copyCurrentEvent()'
* 2.14.3 (05-May-2023)
+ #909: Revert schubfach changes in #854
+ #912: Optional padding Base64Variant still throws exception on
missing padding character
+ #967: Address performance issue with 'BigDecimalParser'
+ #990: Backport removal of BigDecimal to BigInt conversion
(#987)
+ #1004: FastDoubleParser license
+ #1012: Got 'NegativeArraySizeException' when calling
'writeValueAsString()'
* 2.14.2 (28-Jan-2023)
+ #854: Backport schubfach changes from v2.15#8
+ #882: Allow TokenFIlter to skip last elements in arrays
+ #886: Avoid instance creations in fast parser code
+ #890: 'FilteringGeneratorDelegate' does not create new
'filterContext' if 'tokenFilter' is null
* 2.14.0 (05-Nov-2022)
+ #478: Provide implementation of async JSON parser fed by
'ByteBufferFeeder'
+ #577: Allow use of faster floating-point number parsing with
'StreamReadFeature.USE_FAST_DOUBLE_PARSER'
+ #684: Add "JsonPointer#appendProperty" and
"JsonPointer#appendIndex"
+ #715: Allow TokenFilters to keep empty arrays and objects
+ #717: Hex capitalization for JsonWriter should be configurable
(add 'JsonWriteFeature.WRITE_HEX_UPPER_CASE')
+ #733: Add 'StreamReadCapability.EXACT_FLOATS' to indicate
whether parser reports exact floating-point values or not
+ #736: 'JsonPointer' quadratic memory use: OOME on deep inputs
+ #745: Change minimum Java version to 8
+ #749: Allow use of faster floating-point number serialization
('StreamWriteFeature.USE_FAST_DOUBLE_WRITER')
+ #751: Remove workaround for old issue with a particular double
+ #753: Add 'NumberInput.parseFloat()'
+ #757: Update ParserBase to support floats directly
+ #759: JsonGenerator to provide current value to the context
before starting objects
+ #762: Make 'JsonPointer' 'java.io.Serializable'
+ #763: 'JsonFactory.createParser()' with 'File' may leak
'InputStream's
+ #764: 'JsonFactory.createGenerator()' with 'File' may leak
'OutputStream's
+ #773: Add option to accept non-standard trailing decimal point
('JsonReadFeature.ALLOW_TRAILING_DECIMAL_POINT_FOR_NUMBERS')
+ #774: Add a feature to allow leading plus sign
('JsonReadFeature.ALLOW_LEADING_PLUS_SIGN_FOR_NUMBERS')
+ #788: 'JsonPointer.empty()' should NOT indicate match of a
property with key of ""
+ #798: Avoid copy when parsing 'BigDecimal'
+ #811: Add explicit bounds checks for 'JsonGenerator' methods
that take 'byte[]'/'char[]'/String-with-offsets input
+ #812: Add explicit bounds checks for
'JsonFactory.createParser()' methods that take
'byte[]'/'char[]'-with-offsets input
+ #814: Use 'BigDecimalParser' for BigInteger parsing very long
numbers
+ #818: Calling 'JsonPointer.compile(...)' on very deeply nested
expression throws 'StackOverflowError'
+ #828: Make 'BigInteger' parsing lazy
+ #830: Make 'BigDecimal' parsing lazy
+ #834: ReaderBaseJsonParser._verifyRootSpace() can cause buffer
boundary failure
- Added patch:
* 0001-Remove-ch.randelshofer.fastdoubleparser.patch
+ we don't have 'ch.randelshofer:fastdoubleparser'
-------------------------------------------------------------------
Wed Jun 15 06:37:45 UTC 2022 - Fridrich Strba <fstrba@suse.com>
- Update to 2.13.3
* 2.13.3 (14-May-2022)
+ #744: Limit size of exception message in BigDecimalParser
* 2.13.2 (06-Mar-2022)
+ #732: Update Maven wrapper
+ #739: 'JsonLocation' in 2.13 only uses identity comparison
for "content reference"
* 2.13.1 (19-Dec-2021)
+ #713: Incorrect parsing of single-quoted surrounded String
values containing double quotes
-------------------------------------------------------------------
Sun Mar 20 16:24:25 UTC 2022 - Fridrich Strba <fstrba@suse.com>
- Build with source and target levels 8
-------------------------------------------------------------------
Wed Oct 20 05:55:56 UTC 2021 - Fridrich Strba <fstrba@suse.com>
- Update to 2.13.0 (CVE-2020-36518, bsc#1197132)
* 2.13.0 (30-Sep-2021)
+ #652: Misleading exception for input source when processing
byte buffer with start offset
+ #658: Escape contents of source document snippet for
'JsonLocation._appendSourceDesc()'
+ #664: Add 'StreamWriteException' type to eventually replace
'JsonGenerationException'
+ #671: Replace 'getCurrentLocation()'/'getTokenLocation()' with
'currentLocation()'/'currentTokenLocation()' in 'JsonParser'
+ #673: Replace 'JsonGenerator.writeObject()' (and related) with
'writePOJO()'
+ #674: Replace 'getCurrentValue()'/'setCurrentValue()' with
'currentValue()'/'assignCurrentValue()' in
'JsonParser'/'JsonGenerator
+ #677: Introduce O(n^1.5) BigDecimal parser implementation
+ #687: ByteQuadsCanonicalizer.addName(String, int, int) has
incorrect handling for case of q2 == null
+ #692: UTF32Reader ArrayIndexOutOfBoundsException
+ #694: Improve exception/JsonLocation handling for binary
content: don't show content, include byte offset
+ #700: Unable to ignore properties when deserializing.
TokenFilter seems broken
+ #712: Optimize array allocation by 'JsonStringEncoder'
+ Add 'mvnw' wrapper
* 2.12.5 (27-Aug-2021)
+ #712: (partial) Optimize array allocation by
'JsonStringEncoder'
+ #713: Add back accidentally removed 'JsonStringEncoder'
related methods in 'BufferRecyclers'
(like 'getJsonStringEncoder()')
* 2.12.4 (06-Jul-2021)
+ #702: 'ArrayOutOfBoundException' at
'WriterBasedJsonGenerator.writeString(Reader, int)'
* 2.12.0 (29-Nov-2020)
+ #500: Allow "optional-padding" for 'Base64Variant'
+ #573: More customizable TokenFilter inclusion (using
'Tokenfilter.Inclusion')
+ #618: Publish Gradle Module Metadata
+ #619: Add 'StreamReadCapability' for further
format-based/format-agnostic handling improvements
+ #627: Add 'JsonParser.isExpectedNumberIntToken()' convenience
method
+ #630: Add 'StreamWriteCapability' for further
format-based/format-agnostic handling improvements
+ #631: Add 'JsonParser.getNumberValueExact()' to allow
precision-retaining buffering
+ #639: Limit initial allocated block size by 'ByteArrayBuilder'
to max block size
+ #640: Add 'JacksonException' as parent class of
'JsonProcessingException'
+ #653: Make 'JsonWriteContext.reset()' and
'JsonReadContext.reset()' methods public
+ Deprecate 'JsonParser.getCurrentTokenId()' (use
'#currentTokenId()' instead)
+ Full "LICENSE" included in jar for easier access by compliancy
tools
* 2.11.4 (12-Dec-2020)
+ #647: Fix NPE in 'writeNumber(String)' method of
'UTF8JsonGenerator',
'WriterBasedJsonGenerator'
* 2.11.0 (26-Apr-2020)
+ #504: Add a String Array write method in the Streaming API
+ #565: Synchronize variants of 'JsonGenerator#writeNumberField'
with 'JsonGenerator#writeNumber'
+ #587: Add JsonGenerator#writeNumber(char[], int, int) method
+ #606: Do not clear aggregated contents of 'TextBuffer' when
'releaseBuffers()' called
+ #609: 'FilteringGeneratorDelegate' does not handle
'writeString(Reader, int)'
+ #611: Optionally allow leading decimal in float tokens
-------------------------------------------------------------------
Mon Apr 26 07:25:18 UTC 2021 - Fridrich Strba <fstrba@suse.com>
- Rewrite to use ant for building in order to be able to use it
in packages that have to be built before maven
-------------------------------------------------------------------
Mon Jan 25 08:16:57 UTC 2021 - Fridrich Strba <fstrba@suse.com>
- Update to 2.10.5
* #616: Parsing JSON with 'ALLOW_MISSING_VALUE' enabled results
in endless stream of 'VALUE_NULL' tokens
* #605: Handle case when system property access is restricted
* #609: (partial fix) 'FilteringGeneratorDelegate' does not
handle 'writeString(Reader, int)'
-------------------------------------------------------------------
Thu Mar 26 07:34:19 UTC 2020 - Fridrich Strba <fstrba@suse.com>
- Update to 2.10.3
- Changes:
* #592: DataFormatMatcher#getMatchedFormatName throws NPE when
no match exists
* #603: 'JsonParser.getCurrentLocation()' byte/char offset update
incorrectly for big payloads
-------------------------------------------------------------------
Tue Jan 7 10:32:16 UTC 2020 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Changes for 2.10.2
#580: FilteringGeneratorDelegate writeRawValue delegate to 'writeRaw()'
instead of 'writeRawValue()'
#582: 'FilteringGeneratorDelegate' bug when filtering arrays (in 2.10.1)
-------------------------------------------------------------------
Wed Nov 20 17:42:21 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Version update to 2.10.1
* 2.10.1 (not yet released)
#455: Jackson reports wrong locations for JsonEOFException
#567: Add 'uses' for 'ObjectCodec' in module-info
#578: Array index out of bounds in hex lookup
* 2.10.0 (26-Sep-2019)
#433: Add Builder pattern for creating configured Stream factories
#464: Add "maximum unescaped char" configuration option for 'JsonFactory' via builder
#467: Create 'JsonReadFeature' to move JSON-specific 'JsonParser.Feature's to
#479: Improve thread-safety of buffer recycling
#480: 'SerializableString' value can not directly render to Writer
#481: Create 'JsonWriteFeature' to move JSON-specific 'JsonGenerator.Feature's to
#484: Implement 'UTF8JsonGenerator.writeRawValue(SerializableString)' (and
'writeRaw(..)') more efficiently
#495: Create 'StreamReadFeature' to move non-json specific 'JsonParser.Feature's to
#496: Create 'StreamWriteFeature' to take over non-json-specific 'JsonGenerator.Feature's
#502: Make 'DefaultPrettyPrinter.createInstance()' to fail for sub-classes
#506: Add missing type parameter for 'TypeReference' in 'ObjectCodec'
#508: Add new exception type 'InputCoercionException' to be used for failed coercions
like overflow for 'int'
#517: Add 'JsonGenerator.writeStartObject(Object, int)' (needed by CBOR, maybe Avro)
#527: Add simple module-info for JDK9+, using Moditect
#533: UTF-8 BOM not accounted for in JsonLocation.getByteOffset()
#539: Reduce max size of recycled byte[]/char[] blocks by 'TextBuffer',
'ByteArrayBuilder'
#547: 'CharsToNameCanonicalizer': Internal error on 'SymbolTable.rehash()' with high
number of hash collisions
#548: ByteQuadsCanonicalizer: ArrayIndexOutOfBoundsException in addName
#549: Add configurability of "quote character" for JSON factory
#561: Misleading exception for unquoted String parsing
#563: Async parser does not keep track of Array context properly
- Rewrite 'JsonGenerator.copyCurrentStructure()' to remove recursion)
- Add 'missingNode()', 'nullNode()' in 'TreeCodec'
- Add 'JsonParserDelegate.delegate()' methods
* 2.9.10 (21-Sep-2019)
#540: UTF8StreamJsonParser: fix byte to int conversion for malformed escapes
#556: 'IndexOutOfBoundsException' in UTF8JsonGenerator.writeString(Reader, len)
when using a negative length
* 2.9.9 (16-May-2019)
#516: _inputPtr off-by-one in UTF8StreamJsonParser._parseNumber2()
#531: Non-blocking parser reports incorrect locations when fed with non-zero offset
* 2.9.8 (15-Dec-2018)
#488: Fail earlier on coercions from "too big" 'BigInteger' into
fixed-size types ('int', 'long', 'short')
#510: Fix ArrayIndexOutofBoundsException found by LGTM.com
- Improve exception message for missing Base64 padding (see databind#2183)
* 2.9.7 (19-Sep-2018)
#476: Problem with 'BufferRecycler' via async parser (or when sharing parser
across threads)
#477: Exception while decoding Base64 value with escaped '=' character
#488: Fail earlier on coercions from "too big" 'BigInteger' into
fixed-size types ('int', 'long', 'short')
* 2.9.6 (12-Jun-2018)
#400: Add mechanism for forcing 'BufferRecycler' released (to call on shutdown)
#460: Failing to link 'ObjectCodec' with 'JsonFactory' copy constructor
#463: Ensure that 'skipChildren()' of non-blocking 'JsonParser' will throw
exception if not enough input
* 2.9.5 (26-Mar-2018)
No changes since 2.9.4
-------------------------------------------------------------------
Tue Oct 1 13:54:36 UTC 2019 - Fridrich Strba <fstrba@suse.com>
- Initial packaging of jackson-core 2.9.4