This is an automated email from the ASF dual-hosted git repository.
henrib pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-jexl.git
The following commit(s) were added to refs/heads/master by this push:
new 39551685 JEXL: getting ready for 3.4; - release notes; - remove
useless code;
39551685 is described below
commit 395516851e1ffdd241220bb45a19248a0464dfa1
Author: Henri Biestro <hbies...@cloudera.com>
AuthorDate: Sat May 25 10:46:45 2024 +0200
JEXL: getting ready for 3.4;
- release notes;
- remove useless code;
---
.../internal/introspection/ArrayIterator.java | 8 --
.../introspection/EnumerationIterator.java | 5 -
src/site/site.xml | 2 +-
src/site/xdoc/relnotes34.xml | 157 +++++++++++++++++++++
4 files changed, 158 insertions(+), 14 deletions(-)
diff --git
a/src/main/java/org/apache/commons/jexl3/internal/introspection/ArrayIterator.java
b/src/main/java/org/apache/commons/jexl3/internal/introspection/ArrayIterator.java
index 3cb09e4f..0df2e032 100644
---
a/src/main/java/org/apache/commons/jexl3/internal/introspection/ArrayIterator.java
+++
b/src/main/java/org/apache/commons/jexl3/internal/introspection/ArrayIterator.java
@@ -87,12 +87,4 @@ public class ArrayIterator implements Iterator<Object> {
public boolean hasNext() {
return pos < size;
}
-
- /**
- * No op--merely added to satify the <code>Iterator</code> interface.
- */
- @Override
- public void remove() {
- throw new UnsupportedOperationException();
- }
}
\ No newline at end of file
diff --git
a/src/main/java/org/apache/commons/jexl3/internal/introspection/EnumerationIterator.java
b/src/main/java/org/apache/commons/jexl3/internal/introspection/EnumerationIterator.java
index 7d5523f5..b9c1af56 100644
---
a/src/main/java/org/apache/commons/jexl3/internal/introspection/EnumerationIterator.java
+++
b/src/main/java/org/apache/commons/jexl3/internal/introspection/EnumerationIterator.java
@@ -50,9 +50,4 @@ public class EnumerationIterator<T> implements Iterator<T> {
public boolean hasNext() {
return enumeration.hasMoreElements();
}
-
- @Override
- public void remove() {
- // not implemented
- }
}
\ No newline at end of file
diff --git a/src/site/site.xml b/src/site/site.xml
index fe28e10c..ff53d369 100644
--- a/src/site/site.xml
+++ b/src/site/site.xml
@@ -25,7 +25,7 @@
<body>
<menu name="JEXL">
<item name="Overview" href="index.html" />
- <item name="Release Notes" href="relnotes33.html"/>
+ <item name="Release Notes" href="relnotes34.html"/>
<item name="Javadoc 3.4" href="apidocs/index.html"/>
<item name="Javadoc 2.1.1"
href="javadocs/apidocs-2.1.1/index.html"/>
<item name="Javadoc 1.1"
href="javadocs/apidocs-1.1/index.html"/>
diff --git a/src/site/xdoc/relnotes34.xml b/src/site/xdoc/relnotes34.xml
new file mode 100644
index 00000000..477a8dce
--- /dev/null
+++ b/src/site/xdoc/relnotes34.xml
@@ -0,0 +1,157 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<document>
+ <properties>
+ <title>Apache Commons JEXL 3.4 Release Notes</title>
+ </properties>
+
+ <body>
+ <section name="Compatibility with previous release">
+ <p>
+ Version 3.4 is source and binary compatible with 3.3.
+ </p>
+ </section>
+ <section name="Compatibility with older releases (< 3.3, 2.x)">
+ <p>
+ Since 3.3 release, the default setting for permissions that determine
which packages, classes and methods are
+ accessible to scripts has been reduced to a very narrow set. When
migrating from previous version of JEXL,
+ this may result in breaking your application behavior ; this breaking
change requires remediation in your code.
+ </p>
+ <p>
+ Despite the obvious inconvenience - our sincere apologies on the
matter -, how much functional and semantic
+ power is accessible through scripts has a real impact on your
application security and stability ;
+ that potential risk requires an informed review and conscious choice
on your end.
+ </p>
+ <p>
+ To mitigate the change, you can revert to the previous behavior with
one line of code
+ (see <a
href="apidocs/org/apache/commons/jexl3/introspection/JexlPermissions.html">JexlPermissions</a>,
+ <a
href="apidocs/org/apache/commons/jexl3/JexlBuilder.html">JexlBuilder</a>
+ and
+ <a
href="apidocs/org/apache/commons/jexl3/scripting/JexlScriptEngine.html">JexlScriptEngine</a>
+ ) or use this
+ opportunity to reduce exposure. Whether Files, URLs, networking,
processes, class-loaders or reflection classes
+ or whether loops or side effects are accessible are part of your
choice to make.
+ </p>
+ </section>
+ <section name="What's new in 3.4:">
+ <p>
+ Features and permissions are easier to define through new methods.
+ </p>
+ <p>
+ Some new syntaxes are introduced ; try/catch/finally (including with
resources),
+ an array-access safe navigation ((x?[y]), strict equality/inequality
operators (===, !==),
+ instanceof/!instanceof operators and more permissive structured
literals.
+ </p>
+ </section>
+
+ <section name="New Features in 3.4:">
+ <p>
+ <table>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-423>">JEXL-423:</a></td>
+ <td>Add support for instanceof / !instanceof</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-422>">JEXL-422:</a></td>
+ <td>Add strict equality (===) and inequality (!==) operators</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-421>">JEXL-421:</a></td>
+ <td>ArrayBuilder: array type should reflect common class of its
entries</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-419>">JEXL-419:</a></td>
+ <td>Add permission syntax to allow class/method/field</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-418>">JEXL-418:</a></td>
+ <td>Add try-catch-finally support</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-408>">JEXL-408:</a></td>
+ <td>Using JexlFeatures is tedious</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-404>">JEXL-404:</a></td>
+ <td>Support array-access safe navigation (x?[y])</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-401>">JEXL-401:</a></td>
+ <td>Captured variables should be read-only</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-398>">JEXL-398:</a></td>
+ <td>Allow 'trailing commas' or ellipsis while defining array, map
and set literals</td>
+ </tr>
+ </table>
+ </p>
+ </section>
+
+ <section name="Bugs Fixed in 3.4:">
+ <p>
+ <table>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-420>">JEXL-420:</a></td>
+ <td>Error while comparing float and string value</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-417>">JEXL-417:</a></td>
+ <td>JexlArithmetic looses precision during arithmetic operator
execution</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-416>">JEXL-416:</a></td>
+ <td>Null-valued pragma throws NPE in 3.3</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-415>">JEXL-415:</a></td>
+ <td>Incorrect template eval result</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-414>">JEXL-414:</a></td>
+ <td>SoftCache may suffer from race conditions</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-412>">JEXL-412:</a></td>
+ <td>Ambiguous syntax between namespace function call and map
object definition.</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-410>">JEXL-410:</a></td>
+ <td>JexlFeatures: ctor does not enable all features</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-409>">JEXL-409:</a></td>
+ <td>Disable LEXICAL should disable LEXICAL_SHADE</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-405>">JEXL-405:</a></td>
+ <td>Recursive functions corrupt evaluation frame if reassigned</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-403>">JEXL-403:</a></td>
+ <td>Exception while evaluating template literal used in array
assignment in loop.</td>
+ </tr>
+ <tr>
+ <td><a
href="https://issues.apache.org/jira/browse/JEXL-423>">JEXL-402:</a></td>
+ <td>parse failed with empty return value.</td>
+ </tr>
+ </table>
+ </p>
+ </section>
+ </body>
+</document>
