Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2.16.8 backports 1 #34384

Merged
merged 12 commits into from
Jun 29, 2023
Merged

2.16.8 backports 1 #34384

merged 12 commits into from
Jun 29, 2023

Conversation

gsmet
Copy link
Member

@gsmet gsmet commented Jun 28, 2023

Please don't merge, I will merge it myself.

gsmet and others added 2 commits June 28, 2023 15:45
@gsmet
Add .mvn/.gradle-enterprise/ to .gitignore
5919641
@polarctos @gsmet
Fail on attempt to set custom hostname verifier
e42b474 
Both custom HostnameVerifier and SSLContext are currently not
supported by resteasy-reactive-client. This is documented as
known limitations.

This change aligns the implementation to the already present state
for SSLContext. It makes the builder fail when HostnameVerifier is
tried to be configured. The benefit is that it fails as early as
currently possible and not only when the custom hostname verification
would be needed later on.

Switch both to UnsupportedOperationException.

On the rest-client-reactive settings a custom hostname
verifier is currently not supported. Adapted the tests
accordingly as the builder fails early now throwing
UnsupportedOperationException.

(cherry picked from commit 6ce558f)
@gsmet gsmet added the area/infra internal and infrastructure related issues label Jun 28, 2023
@gsmet gsmet self-assigned this Jun 28, 2023
@quarkus-bot quarkus-bot bot added area/config area/core area/dependencies Pull requests that update a dependency file area/devtools Issues/PR related to maven, gradle, platform and cli tooling/plugins area/documentation area/maven area/oidc area/platform Issues related to definition and interaction with Quarkus Platform area/resteasy-classic area/rest labels Jun 28, 2023
@quarkus-bot

This comment has been minimized.

Sign in to view
polarctos and others added 10 commits June 28, 2023 17:30
@polarctos @gsmet
Enabling hostname verification by default
07731f8 
Since introduction of the setting 'verifyHost' the hostname
verification was disabled by default for the resteasy-reactive-client,
as the default value for boolean (primitive) is false.

This disabled default makes the reactive client vulnerable to MITM
attacks. In the meantime setting the config explicitly is a workaround
e.g. with 'quarkus.rest-client.verify-host=true'.

This change now adds a proper default both in the configuration and
for the field in the reactive client builder implementation.

Add test case for enabled host verification default

(cherry picked from commit 18f6f4c)
@rolfedh @gsmet
Fix broken link so it points to the config-yaml guide
ac5710a 
(cherry picked from commit d4dc940)
@mholzer85 @gsmet
Fix security-csrf-prevention.adoc
278449e 
Fixed typo in mention of default value for token name;
fixed missing parameter type and import in code example

(cherry picked from commit 37f7f5b)
@Sgitario @gsmet
Fix location and content location headers in Resteasy Reactive
8a12791 
When providing a location, the URI was being decoded, so the value was being altered from what users set.

Note that these changes are based on what Resteasy already does: https://github.com/resteasy/resteasy/blob/dadddfb699a875c44ba05c0abe176873acbd9aa2/resteasy-core/src/main/java/org/jboss/resteasy/specimpl/ResponseBuilderImpl.java#L187

Fix quarkusio#33419

(cherry picked from commit ced8b0a)
@geoand @gsmet
Ensure that cookies added in filters are visible to resource methods
4406cde 
Fixes: quarkusio#33490
(cherry picked from commit 196b742)
@aloubyansky @gsmet
Skip manifest entry properties that are missing values
75b7cf3 
(cherry picked from commit 0e9a248)
@sberyozkin @gsmet
Fix NPE in RunningDevService which represens a shared service
2840a9e 
(cherry picked from commit 28034bb)
@sberyozkin @gsmet
Avoid calling OIDC UserInfo endpoint if UserInfo is cached
977a0f0 
(cherry picked from commit e2cb17c)
@gsmet
Also include stream information in CLI project creation
5595955 
This has been done a long while ago for standard apps but I missed to
update the CLI somehow.

(cherry picked from commit f246839)
@cescoffier @gsmet
Update Netty to 4.1.94 and Brotli to 1.12.0
a4aabec 
(cherry picked from commit 15b2ece)
@gsmet gsmet force-pushed the 2.16.8-backports-1 branch from c796a06 to a4aabec Compare June 28, 2023 15:31
@github-actions
Copy link

🎊 PR Preview fbbbc31 has been successfully built and deployed to https://quarkus-pr-main-34384-preview.surge.sh/version/main/guides/

@quarkus-bot
Copy link

quarkus-bot bot commented Jun 29, 2023

Failing Jobs - Building a4aabec

Status Name Step Failures Logs Raw logs
✔️ JVM Tests - JDK 11
JVM Tests - JDK 11 Windows Build Failures Logs Raw logs
JVM Tests - JDK 17 Build ⚠️ Check → Logs Raw logs
✔️ JVM Tests - JDK 18
✔️ Maven Tests - JDK 11
Maven Tests - JDK 11 Windows Build ⚠️ Check → Logs Raw logs
Native Tests - Misc4 Build ⚠️ Check → Logs Raw logs
Native Tests - Windows - RESTEasy Jackson Build Failures Logs Raw logs

Full information is available in the Build summary check run.

Failures

⚙️ JVM Tests - JDK 11 Windows #

- Failing: extensions/grpc/deployment 
! Skipped: extensions/micrometer-registry-prometheus/deployment extensions/micrometer/deployment extensions/opentelemetry/deployment and 39 more

📦 extensions/grpc/deployment

io.quarkus.grpc.server.devmode.GrpcDevModeTest.testEchoStreamReload - More details - Source on GitHub

java.util.concurrent.RejectedExecutionException
	at org.jboss.threads.RejectingExecutor.execute(RejectingExecutor.java:38)
	at org.jboss.threads.EnhancedQueueExecutor.rejectShutdown(EnhancedQueueExecutor.java:2076)

⚙️ Native Tests - Windows - RESTEasy Jackson #

- Failing: integration-tests/resteasy-jackson

📦 integration-tests/resteasy-jackson

Failed to execute goal io.quarkus:quarkus-maven-plugin:2.16.999-SNAPSHOT:build (default) on project quarkus-integration-test-resteasy-jackson: Failed to build quarkus application

@gsmet gsmet merged commit 1100b8b into quarkusio:2.16 Jun 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@gsmet gsmet

Labels
area/config area/core area/dependencies Pull requests that update a dependency file area/devtools Issues/PR related to maven, gradle, platform and cli tooling/plugins area/documentation area/infra internal and infrastructure related issues area/maven area/oidc area/platform Issues related to definition and interaction with Quarkus Platform area/rest area/resteasy-classic
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@gsmet @polarctos @rolfedh @mholzer85 @Sgitario @geoand @aloubyansky @sberyozkin @cescoffier