[FINAL CALL] - Travel Assistance to ApacheCon New Orleans 2022
To all committers and non-committers. This is a final call to apply for travel/hotel assistance to get to and stay in New Orleans for ApacheCon 2022. Applications have been extended by one week and so the application deadline is now the 8th July 2022. The rest of this email is a copy of what has been sent out previously. We will be supporting ApacheCon North America in New Orleans, Louisiana, on October 3rd through 6th, 2022. TAC exists to help those that would like to attend ApacheCon events, but are unable to do so for financial reasons. This year, We are supporting both committers and non-committers involved with projects at the Apache Software Foundation, or open source projects in general. For more info on this year's applications and qualifying criteria, please visit the TAC website at http://www.apache.org/travel/ Applications have been extended until the 8th of July 2022. Important: Applicants have until the closing date above to submit their applications (which should contain as much supporting material as required to efficiently and accurately process their request), this will enable TAC to announce successful awards shortly afterwards. As usual, TAC expects to deal with a range of applications from a diverse range of backgrounds. We therefore encourage (as always) anyone thinking about sending in an application to do so ASAP. Why should you attend as a TAC recipient? We encourage you to read stories from past recipients at https://apache.org/travel/stories/ . Also note that previous TAC recipients have gone on to become Committers, PMC Members, ASF Members, Directors of the ASF Board and Infrastructure Staff members. Others have gone from Committer to full time Open Source Developers! How far can you go! - Let TAC help get you there. === Gavin McDonald on behalf of the Travel Assistance Committee.
[Bug 64848] WsSession objects in OUTPUT_CLOSED state are implicitly held by waitingProcessors and GC cannot purge them from the JVM heap
https://bz.apache.org/bugzilla/show_bug.cgi?id=64848 --- Comment #16 from Christopher Schultz --- (In reply to Vishwanath Karra from comment #15) > We are seeing this issue with 8.5.72 - is there some other patch needed for > the 8.5 codeline ? The fix is confirmed for 9.0.40. Are you sure it's the same issue? Please post all your relevant information (i.e. actual evidence that you have a Websocket session memory leak) to the user's mailing list to verify this is the same problem. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat-training] dependabot[bot] opened a new pull request, #7: Bump engine.io from 1.8.5 to 3.6.0
dependabot[bot] opened a new pull request, #7:
URL: https://github.com/apache/tomcat-training/pull/7
Bumps [engine.io](https://github.com/socketio/engine.io) from 1.8.5 to 3.6.0.
Release notes
Sourced from https://github.com/socketio/engine.io/releases";>engine.io's
releases.
3.6.0
Bug Fixes
add extension in the package.json main entry (https://github-redirect.dependabot.com/socketio/engine.io/issues/608";>#608)
(https://github.com/socketio/engine.io/commit/3ad0567dbd57cfb7c2ff4e8b7488d80f37022b4a";>3ad0567)
do not reset the ping timer after upgrade (https://github.com/socketio/engine.io/commit/1f5d4699862afee1e410fcb0e1f5e751ebcd2f9f";>1f5d469)
Features
decrease the default value of maxHttpBufferSize (https://github.com/socketio/engine.io/commit/58e274c437e9cbcf69fd913c813aad8fbd253703";>58e274c)
This change reduces the default value from 100 mb to a more sane 1 mb.
This helps protect the server against denial of service attacks by
malicious clients sending huge amounts of data.
See also: https://github.com/advisories/GHSA-j4f2-536g-r55m";>https://github.com/advisories/GHSA-j4f2-536g-r55m
increase the default value of pingTimeout (https://github.com/socketio/engine.io/commit/f55a79a28a5fbc6c9edae876dd11308b89cc979e";>f55a79a)
Links
Diff: https://github.com/socketio/engine.io/compare/3.5.0...3.6.0";>https://github.com/socketio/engine.io/compare/3.5.0...3.6.0
Client release: -
ws version: https://github.com/websockets/ws/releases/tag/7.4.2";>~7.4.2
3.5.0
Features
add support for all cookie options (https://github.com/socketio/engine.io/commit/19cc58264a06dca47ed401fbaca32dcdb80a903b";>19cc582)
disable perMessageDeflate by default (https://github.com/socketio/engine.io/commit/5ad273601eb66c7b318542f87026837bf921";>5ad2736)
Links
Diff: https://github.com/socketio/engine.io/compare/3.4.2...3.5.0";>https://github.com/socketio/engine.io/compare/3.4.2...3.5.0
Client release: https://github.com/socketio/engine.io-client/releases/tag/3.5.0";>3.5.0
ws version: https://github.com/websockets/ws/releases/tag/7.4.2";>~7.4.2
3.4.2
Bug Fixes
remove explicit require of uws (https://github.com/socketio/engine.io/commit/85e544afd95a5890761a613263a5eba0c9a18a93";>85e544a)
Links
Diff: https://github.com/socketio/engine.io/compare/3.4.1...3.4.2";>3.4.1...3.4.2
Client release: -
... (truncated)
Changelog
Sourced from https://github.com/socketio/engine.io/blob/main/CHANGELOG.md";>engine.io's
changelog.
https://github.com/socketio/engine.io/compare/3.5.0...3.6.0";>3.6.0
(2022-06-06)
Bug Fixes
add extension in the package.json main entry (https://github-redirect.dependabot.com/socketio/engine.io/issues/608";>#608)
(https://github.com/socketio/engine.io/commit/3ad0567dbd57cfb7c2ff4e8b7488d80f37022b4a";>3ad0567)
do not reset the ping timer after upgrade (https://github.com/socketio/engine.io/commit/1f5d4699862afee1e410fcb0e1f5e751ebcd2f9f";>1f5d469),
closes https://github-redirect.dependabot.com//github-redirect.dependabot.com/socketio/socket.io-client-swift/pull/1309/issues/issuecomment-768475704";>socketio/socket.io-client-swift#1309
Features
decrease the default value of maxHttpBufferSize (https://github.com/socketio/engine.io/commit/58e274c437e9cbcf69fd913c813aad8fbd253703";>58e274c)
This change reduces the default value from 100 mb to a more sane 1 mb.
This helps protect the server against denial of service attacks by
malicious clients sending huge amounts of data.
See also: https://github.com/advisories/GHSA-j4f2-536g-r55m";>https://github.com/advisories/GHSA-j4f2-536g-r55m
increase the default value of pingTimeout (https://github.com/socketio/engine.io/commit/f55a79a28a5fbc6c9edae876dd11308b89cc979e";>f55a79a)
https://github.com/socketio/engine.io/compare/6.1.3...6.2.0";>6.2.0
(2022-04-17)
Features
add the "maxPayload" field in the handshake details (https://github.com/socketio/engine.io/commit/088dcb4dff60df39785df13d0a33d3ceaa1dff38";>088dcb4)
So that clients in HTTP long-polling can decide how many packets they
have to send to stay under the maxHttpBufferSize
value.
This is a backward compatible change which should not mandate a new major
revision of the protocol (we stay in v4), as
we only add a field in the JSON-encoded handshake data:
0{"sid":"lv_VI97HAXpY6yYWAAAC","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":5000,"maxPayload":100}
https://github.com/socketio/engine.io/compare/6.1.2...6.1.3";>6.1.3
(2022-02-23)
Bug Fixes
typings: allow CorsOptionsDelegate as cors options (https://github-redirect.dependabot.com/socketio/engine.io/issues/641";>#641)
(https://github.com/socketio/engine.io/commit/a463d268ed90064e7863679bda423951de108c36";>a463d26)
uws: properly handle chunked content (https:
[tomcat-training] branch dependabot/npm_and_yarn/engine.io-3.6.0 created (now cc19d41)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/npm_and_yarn/engine.io-3.6.0 in repository https://gitbox.apache.org/repos/asf/tomcat-training.git at cc19d41 Bump engine.io from 1.8.5 to 3.6.0 No new revisions were added by this update. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
